Blockchain-based lending protocol Radiant Capital has been hacked for the second time this year, suffering losses of more than $50 million.
According to blockchain researchers, an attacker managed to obtain three private keys for blockchain contracts used by Radiant Capital. Radiant is controlled by a multi-signature (multi-sig) wallet managed by a total of 11 keys.
“Radiant Capital contracts on BSC and ARB were breached via the ‘transferFrom’ function,” Web3 security firm De.Fi said. It is not yet known how the attacker obtained these keys.
More than $50 million in damage
Radiant was also hacked in January this year due to a bug in its smart contracts and lost $4.5 million.
Blockchain records show that the attacker stole USDT, USDC, WBNB, ETH, and other tokens during the attack this time.
“Radiant uses multisig for smart contract checks, and it appears that this has been compromised from the inside,” said Tony Ke, Fuzzland’s director of security research. This raises the possibility of a phishing attack or an insider attack.
According to TradingView data, Radiant’s token, RDNT, fell from $0.719 to $0.648 after the attack, losing about 10 percent of its value.
The Radiant team announced that they are aware of the problem in the markets and are in contact with SEAL911, Hypernative, ZeroShadow & Chainalysis teams.
Stay tuned for new information.
