According to Odaily Planet Daily, Radiant Capital published a review on the X platform stating that the protocol experienced a highly complex security vulnerability on the 16th, resulting in a loss of $50 million. The attacker exploited multiple developers' hardware wallets through highly advanced malware injection. During the intrusion, the front end of Safe{Wallet} (also known as Gnosis Safe) displayed legitimate transaction data, while the poisoned transactions were signed and executed in the background.

This vulnerability occurred during a routine multisig emission adjustment process, which occurs periodically to adjust for market conditions and utilization. DAO contributors strictly adhered to many industry standard operating procedures throughout the process. Each transaction was simulated on Tenderly for accuracy and individually reviewed by multiple developers at each signing stage. During these reviews, front-end checks in both Tenderly and Safe showed no anomalies. To emphasize the importance of this point, this compromise was completely undetectable when manually reviewing the Gnosis Safe UI and the Tenderly simulation stage of regular transactions, which has been confirmed by an external security team.

Radiant Capital said it has been working closely with Seal911 and Hypernative and has implemented stronger multi-signature controls. The FBI and zeroShadow are fully aware of the breach and are actively working to freeze all stolen assets. The DAO is deeply devastated by this attack and will continue to work tirelessly with the relevant agencies to identify the attacker and recover the stolen funds as quickly as possible.