Đăng nhập
Đăng ký
Quét mã QR để tải xuống ứng dụng di động
Nhiều lựa chọn tải xuống hơn
Thông báo
Thị trường
Không có thông báo mới
Thêm
Chọn ngôn ngữ và khu vực
简体中文
English
Tiếng Việt
繁體中文
Español
Русский
Français (Afrique)
Português (Portugal)
ไทย
Indonesia
日本語
بالعربية
Українська
Português (Brasil)
Màu sắc tăng giảm
Đỏ tăng xanh giảm
Xanh tăng đỏ giảm
Thời gian bắt đầu tăng giảm
24H
UTC 00:00
UTC+8 00:00
Gate.io
BLOG
Radiant Capital Exploit: Hacker Transfer...
Radiant Capital Exploit: Hacker Transfers $52M to Ethereum in DeFi Breach
2024-11-05, 08:22
[//]:content-type-MARKDOWN-DONOT-DELETE ![](https://gimg2.gateimg.com/image/article/17307939121690791857hotspot.jpeg) ## [TL; DR] On 16 October hackers stole crypto assets valued at over $50 million from Radiant Capital. This year bad actors stole digital currencies worth over $313 million. Poor private key security contributed to Radiant Capital crypto exploit. ## Introduction The threat of cybersecurity attacks on digital trends remains high. Already, in October we have witnessed several crypto hacks including that of Radiant Capital. Today, we focus on this hack and its implication on the entire cryptocurrency sector. ## Radiant Capital Attack: The Nature of the Exploit Radiant Capital, a decentralized finance protocol, had a crypto exploit on 16 October that resulted in loss of cryptocurrencies valued at around $52 million. The hackers breached Radiant Capital and accessed cryptocurrencies on Binance Chain and the [Ethereum layer-2 Arbitrum](https://www.gate.io/learn/articles/value-analysis-of-ethereum-layer-2/2004 "Ethereum layer-2 Arbitrum"). Basically, Radiant Capital is a cross-chain lending protocol that allows users to lend their cryptocurrencies to earn interest. They can also borrow various assets that exist on various blockchains that include Binance Chain, [Arbitrum](https://www.gate.io/learn/articles/what-is-arbitrum/3628 "Arbitrum") and <a href="/vi/price/ethereum-eth" target="_blank" class="blog_inner_link">Ethereum</a> at low interest rates. According to [DefiLama](https://defillama.com/protocol/radiant#information "DefiLama"), after the exploit the total value locked on the lending protocol tanked by about 66%. On 16 October Ancilia Inc., a blockchain security firm, reported the Radiant Capital DeFi security breach. It raised alarm after noticing suspicious activity on the protocol’s smart contracts on <a href="/vi/price/bnb-bnb" target="_blank" class="blog_inner_link">BNB</a> Chain. However, the first report indicated that the protocol had lost $16 million worth of assets from Binance Chain. However, later more details emerged, indicating that assets with a valuation of more than $50 million were stolen. Some of the assets that were siphoned during the Radiant Capital hack include USDT, USDC and ARB. Later on, Radiant Capital acknowledged the crypto hack through its X profile.[ It posted](https://x.com/RDNTCapital/status/1846634050100039881 " It posted"), “We are aware of an issue with the Radiant Lending markets on Binance Chain and Arbitrum. We are working with SEAL911, Hypernative, ZeroShadow & Chainalysis and will provide an update as soon as possible. Markets on Base and Mainnet are paused until further notice.” Nonetheless, at that time it did not provide full details about the crypto security breach. It is important to note that this was not the first time that Radiant Capital was breached. In January the lending protocol lost crypto assets worth $4.5 million as a result of a flash loan vulnerability. The hackers exploited a bug in its smart contracts. The recurring attacks on DeFi protocols show how the attackers are using sophisticated technologies to breach decentralized platforms and steal their assets. The fact that this was the second exploit this year indicates that there are loopholes in Radiant Capital smart contracts security system. ## Details on the Radiant Hack: How the Hack Occurred? Through its Medium blog, Radiant Capital gave details of how the attack occurred. According to the report, the attackers compromised three core contributors’ computers using a malware injection. As a result, they used the compromised devices to process malicious transactions leading to the siphoning of the digital assets. The attackers’ method was so sophisticated that the frontend of the <a href="/vi/price/gnosis-gno" target="_blank" class="blog_inner_link">Gnosis</a> Safe broadcasted the malicious transactions as legitimate. Also, although the exploit took place during a routine multi-signature emissions adjustment process, the system did not flag any suspicious activity. Posting on its Medium blog post, [Radiant Capital said](https://medium.com/@RadiantCapital/radiant-post-mortem-fecd6cd38081 "Radiant Capital said"), “Each transaction was simulated for accuracy on Tenderly and individually reviewed by multiple developers at each signature stage. Front-end checks in both Tenderly and Safe showed no anomalies during these reviews.” It explained further: “ The compromise was completely undetectable during the manual review of the <a href="/vi/price/gnosis-gno" target="_blank" class="blog_inner_link">Gnosis</a> Safe UI and Tenderly simulation stages of the routine transaction. Front-end verification of all three multi-signature transactions showed no signs of compromise, aside from Safe App transaction re-submissions due to failures.” Based on its explanations the security breach was well-timed and the method was advanced. In fact, the bad actors initiated the transactions and facilitated their smart contract approvals as well as the crypto funds movement. Radiant Capital further clarified, “The most concerning aspect of this attack is the high level of sophistication involved. The compromised devices presented no obvious warning signs beyond minor glitches and error messages during the signing process — issues commonly encountered when interacting with hardware wallets and Safe.” ## Methods used by hackers to obscure stolen funds: The use of Ethereum and Mixers Almost all the cryptocurrencies stolen from Radiant Capital have been moved to the <a href="/vi/price/ethereum-eth" target="_blank" class="blog_inner_link">Ethereum</a> network. The likely reason for the crypto funds movement to the network was to obscure their location. On 24 October, PeckShield, a blockchain security firm, reported that the Radiant Capital exploiter transferred the looted assets from Arbitrum and Binance Chain to the Ethereum network. ![](https://gimg2.gateimg.com/image/article/17307945371.jpeg) Stolen Funds Moved to Ethereum: x.com.PeckShield Before this date, Radiant Capital had advised its users to secure their wallets through evoking the affected blockchains. [It posted](https://x.com/RDNTCapital/status/1848809006976143397 "It posted"), “ If you’ve ever interacted with Radiant or think you may have, you must revoke approvals to affected contracts right now. Failing to do so puts your funds at risk of being drained. This is not optional—take one minute to protect your assets.” Usually, the bad actors move their stolen assets to the Ethereum Network and launder them using crypto mixers [such as Tornado Cash](https://www.gate.io/learn/articles/what-is-tornado-cash/211 "such as Tornado Cash"). By doing this it becomes difficult for the exploited protocols to recover the assets. Several bad actors used this method in the past. For example, Orbit Chain, Pancake BunnyWazirX, Unizen, CoinStats and Penpie exploiters used the same method. As a result, all these crypto projects failed to recover their stolen assets. ## Understanding Security challenges in the DeFi Space Crypto thefts [continue to take place](https://www.gate.io/blog/2237/why-crypto-theft-is-on-the-rise-reasons-and-consequences "continue to take place"). Earlier in September, PeckShield reported that more than $313 million worth of cryptocurrencies have been stolen this year. The following statistics show the distribution of the thefts by month. Read also: [Hackers stole over $100m in BNB cross-chain bridge](https://www.gate.io/blog/1657/Hackers-stole-over--100m-in-BNB-cross-chain-bridge "Hackers stole over $100m in BNB cross-chain bridge") ![](https://gimg2.gateimg.com/image/article/17307946372.jpeg) Stolen Cryptocurrencies in 2024 - PeckShield Such a high amount of stolen digital currencies show that there are still many crypto projects that have security weaknesses. For instance, many crypto projects fail to secure their private keys which has contributed to crypto hacks. Despite using multisig wallets, bad actors find their ways to compromise the networks and projects. In some cases, there are bugs or vulnerabilities in the smart contracts which give room to hackers to crack their security systems. ## Conclusion On 16 October bad actors stole cryptocurrencies worth over $50 million from Radiant Capital. The hackers managed to compromise three core contributors' devices and accessed the assets. Unfortunately, the protocol’ s system failed to detect and report any suspicious activities. A few days after the crypto exploit the hackers transferred all the assets from Arbitrum and Binance Chain to Ethereum Network. The reason for that was to obscure the destination of the crypto assets from security agencies and the involved project, Radiant Capital. <div class="blog-details-info"> <div>Author: Mashell C., Gate.io Researcher <div class="info-tips">\*This article represents only the views of the researcher and does not constitute any investment suggestions. <div>\*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all cases, legal action will be taken due to copyright infringement. </div>
Chia sẻ
Содержимое
TL_ DR
Introduction
Radiant Capital Attack: The Nature of the Exploit
Details on the Radiant Hack: How the Hack Occurred?
Methods used by hackers to obscure stolen funds: The use of Ethereum and Mixers
Understanding Security challenges in the DeFi Space
Conclusion
Credit Ranking
Complete Gate Post tasks to upgrade your rank
Join Now
ETH/USDT
-1.9%
BTC/USDT
-1.9%
GT/USDT
1.28%
Bài viết liên quan
Blockchain
Khai thác thanh khoản là gì?
2021-12-16, 04:22
Blockchain
SOCIALFI LÀ GÌ?
2021-12-28, 10:17
Blockchain
Mất mát vô thường là gì?
2022-02-17, 03:38