Key Points
- Radiant Capital, a multichain money market protocol, lost approximately $48 million in a sophisticated exploit involving a compromised MultiSig wallet and malicious contract deployment.
- The attack, which targeted liquidity pools on Binance Smart Chain and Arbitrum, was the second attempt by the hacker and had been planned for over two weeks.
Exploit Details and Immediate Impact
On October 16, 2024, Radiant Capital, a decentralized finance (DeFi) protocol, fell victim to a significant security breach resulting in the loss of at least $48 million. Security firm Hacken reported that the attack appeared to be an access control breach, where hackers managed to gain control of Radiant Capital’s Pool Provider contract.
The exploit involved transferring ownership of the contract to a malicious entity, allowing the attacker to drain large amounts of assets from the platform’s liquidity pools on both Binance Smart Chain (BSC) and Arbitrum networks. Tokens affected included Wrapped Ether (WETH), Wrapped Bitcoin (WBTC), Arbitrum (ARB), USD Coin (USDC), and Tether USD (USDT).
In the immediate aftermath of the attack, Radiant Capital’s native token, RDNT, experienced a 7% drop in value. As of the latest update, RDNT was trading at $0.067, down over 5% in the last 24 hours.
Attack Methodology and Security Implications
The breach highlights a critical vulnerability in what was supposed to be a robust security feature. The attackers compromised Radiant Capital’s MultiSig wallet, a system designed to enhance protection by requiring multiple approvals for transactions. This breach underscores the importance of continually reviewing and updating security measures in the rapidly evolving DeFi landscape.
Hacken’s investigation revealed that the malicious contract used in the attack had been deployed 14 days prior to the successful exploit. This suggests a meticulous planning phase by the attacker, who had previously attempted and failed to execute the exploit on October 10. The extended preparation period raises questions about the detection capabilities of existing security protocols in the DeFi space.
Response and Recommendations
In response to the attack, security experts have issued urgent advisories to users of Radiant Capital. Hacken recommended that users immediately revoke any approvals they had granted to the platform to prevent further unauthorized access to their funds. Tony Ke, security engineering lead at FuzzLand, extended this advice, suggesting users also revoke approvals on Ethereum and Base networks as a precautionary measure, although it was not confirmed that Radiant was compromised on these chains.
The exploit’s impact is particularly severe given that the drained amount represents over half of Radiant Capital’s total value locked (TVL), which stood at $75.5 million according to data from DefiLlama. This incident serves as a stark reminder of the risks associated with DeFi protocols and the need for enhanced security measures across the industry.
As the DeFi community grapples with the fallout from this exploit, it’s clear that more robust security protocols and perhaps regulatory frameworks may be necessary to protect users and maintain confidence in decentralized financial systems. The Radiant Capital exploit will likely prompt renewed discussions about best practices in smart contract security and the role of third-party audits in preventing such incidents.
