According to Ancilia, a blockchain security firm, the lending platform Radiant Capital (RDNT) suffered a major attack on October 16, causing significant losses across both the Arbitrum and BNB Chain networks.
On-chain data reveals alarming damage: over $32 million worth of assets were stolen from Arbitrum and $18 million from BNB Chain, bringing the total loss to $51 million.
Immediately following the incident, Radiant Capital officially confirmed the security breach on the project’s X (Twitter) account. They stated that they are working with relevant parties to mitigate the impact and advised users to revoke wallet permissions for the four compromised smart contract addresses. The project also announced that all operations would be paused until the security vulnerability is fixed.
Preliminary analyses shed light on the hacker’s method. The attacker managed to seize 3 out of 11 private keys used for multisig approval. This number was enough for them to take control of Radiant’s lending pools and withdraw funds. This has raised concerns within the community about why Radiant Capital set such a low threshold for multisig approval.
Notably, this is not the first time Radiant Capital has experienced a security incident. Earlier this year, the project lost around 1,900 ETH (equivalent to $4.5 million) in a flash loan attack.
Related: OpenAI X Account Hacked in Crypto-Related Incident
About Radiant Capital and RDNT
Radiant Capital is a multi-chain lending protocol built on the Layer-2 Arbitrum network, allowing users to borrow and lend assets across multiple blockchains with ease. With aspirations to become the first omnichain money market, Radiant leverages LayerZero technology through the Stargate interface to facilitate cross-chain transactions for its users.
Following the attack, the RDNT token has dropped nearly 10% in the past 24 hours. Compared to its recent peak in March of this year, the token’s price has plummeted by more than 85% and is currently trading around $0.066.
