According to BlockBeats, on October 18, Radiant Capital announced via social media that it experienced a highly complex security breach on October 16, resulting in a loss of $50 million. The attackers used advanced malware to exploit multiple developers' hardware wallets.

During the breach, the front end of Safe{Wallet} (also known as Gnosis Safe) displayed legitimate transaction data, while the compromised transactions were signed and executed in the background. This vulnerability occurred during a routine multi-signature adjustment process, which is regularly conducted to adapt to market conditions and utilization rates. DAO contributors strictly adhered to numerous industry-standard operating procedures throughout the process. Each transaction was simulated on Tenderly to ensure accuracy and was independently reviewed by multiple developers at each signing stage. During these reviews, no anomalies were detected in the front-end checks of Tenderly and Safe. External security teams have confirmed that this compromise was undetectable during the manual review of the Gnosis Safe UI and the routine transaction simulations on Tenderly.

Radiant Capital stated that it has been working closely with Seal911 and Hypernative and has implemented stronger multi-signature controls. The FBI and zeroShadow are fully aware of the breach and are actively working to freeze all stolen assets. The DAO is deeply affected by this attack and will continue to collaborate with relevant agencies to identify the attackers and recover the stolen funds as soon as possible.