Cryptonews Blockchain News

Radiant Capital Suffers Over $50M Heist in Latest Blockchain Attack

Radiant Capital faced its second security breach this year, following a $4.5m loss in January due to a smart contract flaw.

Crypto Reporter

Shalini Nagarajan

Crypto Reporter

Shalini Nagarajan

About Author

Shalini is a crypto reporter who provides in-depth reports on daily developments and regulatory shifts in the cryptocurrency sector.

Author Profile

Last updated:

October 17, 2024

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Radiant Capital, a Binance-backed blockchain protocol specializing in cross-chain lending, was hacked on Wednesday, with attackers stealing over $50m.

According to Web3 security firm De. Fi Antivirus, the attacker(s) gained control of three out of eleven private keys needed for protocol upgrades, enabling them to alter smart contracts on both the Arbitrum and Binance Smart Chain (BSC) networks.

The hackers stole various cryptocurrencies, including USDC, ETH and BNB. They used an exploit identified as ‘transferFrom,’ allowing them to transfer tokens directly from user accounts into their own.

🚨~$58,000,000 Exploit Alert🚨

Radiant Capital contracts were exploited on BSC & ARB chains with the 'transferFrom' function, which allowed to drain users' funds, namely $USDC $WBNB $ETH and others

⚠️Revoke approvals ASAP👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281 pic.twitter.com/oUHyshwEmL
— De.Fi Antivirus Web3 🛡️ (@De_FiSecurity) October 16, 2024

Radiant Suspends Lending on BNB Chain, Arbitrum After $50M Cyberattack

Lookonchain reported that the hacker converted the stolen assets into 12,835 ETH, valued at $33.6m, and 32,113 BNB, worth $19.4m.

After discovering the breach, Radiant Capital halted its lending operations on BNB Chain and Arbitrum to prevent further unauthorized transfers.

The team said that it is working with SEAL911, Hypernative, ZeroShadowand Chainalysis to address the issue, assuring that updates will follow soon. In the meantime, markets on Base and Mainnet are paused until further notice.

Radiant Suffers Second Hack This Year

This marks Radiant’s second security breach this year. In January, the protocol lost $4.5m in a separate exploit caused by a smart contract flaw.

According to De.Fi Antivirus, this recent attack differs from the first, which involved a flash loan exploit. This time, the hacker gained access to three signers, allowing them to transfer ownership and perform contract upgrades.

In Sept. 2024, attackers stole over $120m through targeted hacks on multiple crypto platforms. PeckShield data revealed more than 20 incidents, impacting both centralized and decentralized systems. The largest losses came from BingX, Penpie, and Indodax, with combined damages surpassing $90m.