Radiant Capital

History

2024: Hacking the platform and stealing $50m from it

In mid-October 2024, the cryptocurrency platform Radiant Capital lost over $50 million as a result of a cyber attack. The hack began with the Arbitrum blockchain, and then spread to the BNB Chain. The attacker gained control of Radiant Capital's blockchain contracts thanks to three "private" keys controlling the protocol, security experts said. A security hole allowed an attacker to withdraw user funds.

Control of Radiant contracts was provided by a multi-signature wallet or "multi-signature" 11 keys. The attacker was apparently able to obtain three private keys, which turned out to be enough to update the platform's smart contracts. This is the second time in 2024 that the protocol became the target of an attack: in January, Radiant lost $4.5 million as a result of another, independent hack, in which hackers took advantage of an error in smart contracts.

𝓲

Unsplash

It is not yet clear how the attacker received the private keys for the cyber attack. It is assumed that the hack could be related to data compromise if the legitimate Radiant key holders could accidentally interact with a protocol containing malware. The attack used Trojan viruses, programs to intercept hardware wallets and write smart contracts, which required high qualifications of a hacker.

Radiant admitted the hack in a message on an official social media account, but did not provide details of the attack.

We are aware of the issue with Radiant Lending markets on Binance Chain and Arbitrum, Radiant officials said. - We are working with cybersecurity groups SEAL911, Hypernative, ZeroShadow and Chainalysis and will provide an update as soon as possible. Trading in the Base and Mainnet markets has been suspended until further notice.[1]

Notes