On October 16, Radiant Capital’s lending protocol suffered the second cyberattack this year, resulting in the loss of more than $50 million. According to data De.Fi Antivirus Web3, the project’s contracts were exploited
How reported analysts at QuillAudits, the losses from the hack amounted to $58 million. The attackers managed to gain control of the platform’s contracts by obtaining three of the 11 private keys for a multi-signature wallet (when all owners’ signatures are required to make a decision). And then they used this data to change the owner of the LendingPoolAddressesProvider smart contract. Next, the hackers replaced the smart contract of the lending pools with their own, with a backdoor
The Radiant Capital team has asked to revoke access to the following contracts on the site revoke.cash:
In this situation, some victims could have lost money twice. The fact is that Web3 cybersecurity service provider Ancilia, which is also involved in this incident, mistakenly shared a scam link from a fake Radiant account in its publication. The link contained a cryptojack, a type of malware that can be used to quickly and automatically withdraw funds from legitimate crypto wallets to attackers’ wallets.
In their message, Ancilia asked users to revoke their permissions by following the link from their publication. The latter led to a drainer.
«We accidentally reposted a fraudulent link, we apologize. The post has been removed», — modestly reported cybersecurity specialists.
The first hack of Radiant Capital 2024 took place in January. Back then, $4.5 million was lost due to a vulnerability in smart contracts.
Radiant Capital (RDNT) — is a decentralized finance (DeFi) platform for borrowing, lending, and exchanging cryptocurrencies from different blockchain networks. It operates on two popular networks — Arbitrum and BNB Smart Chain, and uses advanced technologies to exchange data between blockchains faster and more securely.