DeFi Editor's Picks

Radiant Capital Hacked, Exposing Security Flaws and Causing a $50 Million Loss

radiant capital hack ftr

TL;DR

  • Radiant Capital suffered an attack resulting in the loss of over $50 million due to flaws in its multisig configuration.
  • The vulnerability allowed transactions to be authorized with only three out of eleven required signatures, making it easier to take control of the funds.
  • Radiant is working with security firms to track down the attackers and recover the stolen funds.

Radiant Capital, a decentralized finance (DeFi) platform, has been the victim of an attack that resulted in the loss of over $50 million.

The incident affected its markets on the Binance Smart Chain (BSC) and Arbitrum networks, exposing flaws in the security of its smart contracts. The exploited vulnerability allowed attackers to gain access to the platform’s multisignature (multisig) wallet, a mechanism that should, in theory, have guaranteed transaction security.

The attack was made possible due to a deficient configuration in the multisig system, which required only three out of eleven signatures to authorize transactions. This low threshold allowed hackers to gather the minimum number of signatures needed to take control of the funds and carry out the theft. Among the stolen assets were high-value cryptocurrencies such as USDT, USDC, and ARB tokens, sparking a strong reaction within the crypto community.

radiant capital post

Radiant Capital Exposed by Weak Security

The news has triggered a wave of criticism toward the platform, particularly regarding the choice of security measures. The multisig configuration used has been widely questioned, as platforms handling large amounts of assets should, according to experts, implement more stringent measures. This vulnerability has called into question the platform’s integrity.

Following the attack, Radiant Capital urged its users to take preventive measures, recommending the revocation of permissions granted to its smart contracts through platforms like Revoke.cash, which helps identify potential risks in accounts linked to DeFi contracts. The platform also reported that it is cooperating with specialized security firms, such as SEAL911 and Chainalysis, in an effort to track down the attackers and recover the stolen funds. So far, the attackers’ identities remain unknown.

This hack has reignited the debate over the need to strengthen security within the DeFi ecosystem. The speed with which the attackers exploited the vulnerabilities highlights the importance of having more robust security protocols in place

Related posts

Conflux Network Launches EVM-Compatible Bitcoin Layer 2 Solution

jose

Tim Draper Affirms His Position on Bitcoin

guido

Galaxy Digital continues to record losses: YTD lost $175 million

alfonso