The crypto world is facing a crisis as a cyberattack happened on Omnichain money market Radiant Capital (RDNT). While the attack first started on Arbitrum, Radiant’s Ethereum Layer 2 Network, later it spread to the BNB chain.
The attacker is alleged to holding $18 million tokens on the BNB chain and over $32 million Arbitrum-based assets,
A tweet from web3 threat intelligence firm Ancilia, saying “We have noticed several transferFrom user's account through the contract 0xd50cf00b6e600dd036ba8ef475677d816d6c4281. Please revoke your approval ASAP. It seems like the new implementation had vulnerability functions” revealed the nature of the attack.
Using a transfer from exploit attackers can activate an account to send a substantial number of tokens from one account to a third-party account. Ancilia has asked all Radiant users to revoke contract addresses as this can only happen when the victim’s Radiant account approves interaction with the spoofed wallet address. This directive is to ensure account safety in the face of this attack.
The cyberattack on Radiant Capital has caused $51mm losses in BNB and Arbitrum so far. Although Base and Ethereum deployments are secure, crypto users have been asked to be careful about contracts. Ancilia has found out that this hack happened because a backdoor contract was deployed around 17:09 UTC on Wednesday which provided unauthorized access for the token transfer.
Initial report suggests that Radiant Capital’s multisig setup smart contract controls were internally compromised by an inside attacker or phished by a compromised computer which leaked the private keys of the system.
The hacker transferred USDT, USDC, ETH and BNB tokens worth over $5 million to an address beginning with 0x0629b from a Radiant-controlled wallet which is showing a $51 million balance on DeBank, marking a 2,619,512.54% token holding increase from the time of its creation. This shows that the cyberattack could be more widespread than expected.
Radiant Capital was gripped by a similar cyber attack earlier this year when it lost $4.5 million worth of ETH tokens, about 1900 of them, because of a flash loan attack.
This week's attacker has gathered the largest holdings of weETH, wstETH and ETH tokens as it has $32 million Arbitrum and $18 million on BNB Chain tokens.