Recently, the decentralized finance (DeFi) platform Radiant Capital suffered a significant breach, resulting in the theft of over $50 million. This event has added to the growing concerns about security in the DeFi sector. The hackers orchestrated a sophisticated attack, compromising devices of core developers and subsequently exploiting the platform’s vulnerabilities.
Blockchain security firm PeckShield reported on October 24 that the Radiant Capital hacker has moved “nearly all” of the stolen funds from layer-2 networks, namely Arbitrum and the Binance BNB Chain, to the Ethereum network. The total transferred sum amounts to approximately 20,500 Ether (ETH), valued around $52 million at current market prices. This move is believed to be an attempt to obscure the origins of the stolen assets.
| Date | Action | Networks Involved | Amount | Approximate Value |
|---|---|---|---|---|
| Oct. 16 | Initial exploit detected | Radiant Capital Platform | >$50M | – |
| Oct. 18 | Release of post-mortem details | – | – | – |
| Oct. 23 | Warning issued to users to secure wallets | – | – | – |
| Oct. 24 | Funds moved to Ethereum | From Arbitrum and BNB Chain to Ethereum | 20,500 ETH | $52M |
Radiant Capital’s Response and User Advisory
Following the attack, Radiant Capital took immediate action by halting its lending markets and conducting a thorough security review. On October 23, the platform issued an urgent advisory to its users to revoke any approvals granted to the compromised smart contracts to avoid further losses.
This isn’t the first time Radiant Capital has faced security challenges. In January of the same year, the platform experienced a $4.5 million loss due to a flash loan exploit. The repeated breaches underscore the ongoing security vulnerabilities within DeFi platforms and highlight the importance of robust protective measures.
Common Tactics in Crypto Exploits
Hackers frequently use Ethereum as a transit point to mix stolen funds, often utilizing services like Tornado Cash to further obscure their trails. This method has been a popular strategy in various crypto hacks and exploits throughout the year, affecting platforms such as WazirX, CoinStats, Orbit Chain, Pancake Bunny, Unizen, and Penpie.
PeckShield’s commentary to Cointelegraph earlier in the year elucidates the urgency with which hackers convert stolen assets to Ether. This quick conversion aids in securing the funds before any counteractions can be taken by authorities or token issuers.
Despite the high-profile nature of these hacks, September reported a relatively lower loss of $120 million across the crypto industry—the second-lowest monthly total in 2024. This statistic suggests varying degrees of security enhancement across platforms, though the need for comprehensive measures remains critical.
The Radiant Capital hack is a stark reminder of the persistent risks within the DeFi ecosystem. As platforms strive to fortify their defenses, the industry must adopt more rigorous standards and oversight to protect users and their assets. Continuous education and awareness, coupled with innovative security solutions, are essential to mitigate such threats in the future.
Featured image credit: Hermes94 via GoodFon
Follow us for more breaking news on DMR