ETH, WBNB, USDC Stolen As Radiant Capital Suffers $50M Loss

Radiant Capital, a decentralized finance (DeFi) lender, reported a significant security breach across multiple blockchain networks, resulting in substantial financial losses. On Wednesday, unidentified attackers exploited vulnerabilities in Radiant’s blockchain contracts on both the Binance Smart Chain (BSC) and Arbitrum platforms. 

This breach allowed the perpetrators to siphon off digital assets, including USD Coin (USDC), Wrapped BNB (WBNB), and Ethereum (ETH), totaling over $50 million.

USDC, WBNB, ETH Vanish in $50M Radiant Capital Cyberattack

According to web3 security startup Ancilia, the attack targeted the ‘transferFrom’ function within the blockchain contracts. This vulnerability allowed the attackers to initiate unauthorized transactions from user accounts, which led to the direct theft of USDC, WBNB, and ETH from Radiant’s liquidity pools. 

The firm, however, noted that the exploitation of this function could have been mitigated with more security measures and timely audits of contract changes.

Additionally, reports indicate that three of the eleven private keys responsible for securing and upgrading Radiant’s protocols were compromised. The security experts are investigating how these keys were accessed, with initial theories suggesting a possible phishing attack against key holders or a malware-infected interface used by the holders.

Courtesy: De.Fi Antivirus Web3

Security Measures and Community Response

In response to the breach, Radiant Capital has paused all operations on its Binance Chain and Arbitrum lending markets. The organization is collaborating with blockchain security firms, including SEAL911 and Hypernative, to address the vulnerabilities and prevent future incidents. 

Radiant has also urged its users to revoke suspicious approvals on their accounts and temporarily halted new transactions.

We are aware of an issue with the Radiant Lending markets on Binance Chain and Arbitrum. We are working with SEAL911, Hypernative, ZeroShadow & Chainalysis and will provide an update as soon as possible. Markets on Base and Mainnet are paused until further notice.

— Radiant Capital (@RDNTCapital) October 16, 2024

The community reaction has been one of concern, as similar exploits have plagued the DeFi space in recent months. The loss at Radiant Capital raises questions about the efficacy of current security practices in safeguarding user funds.

Moreover, experts suggest that multi-signature wallets, although used by Radiant Capital, require stricter controls and real-time monitoring to prevent unauthorized access. Similarly, adopting more advanced measures and regular third-party audits will boost defenses against such ETH, WBNB, and USDC losses.

Following increased regulatory scrutiny on the rising crypto hacks, Ilya Lichtenstein faced a proposed 5-year prison sentence from US prosecutors. This is for orchestrating the 2016 Bitfinex exchange hack, which stole $6 billion. Lichtenstein and his wife, Heather Morgan, who faces an 18-month sentence, have pleaded guilty to charges related to money laundering. 

The post ETH, WBNB, USDC Stolen As Radiant Capital Suffers $50M Loss appeared first on CoinGape.