Radiant Capital suffers $51M exploit on BNB Chain and Arbitrum

Radiant Capital suffers $51M exploit on BNB Chain and Arbitrum

By Benson Toti - min read
Updated 24 October 2024
Kaspersky's report reveals the new tactics being used by North Korean crypto hackers
  • Radiant Capital has fallen to a hack, with more than $51 million stolen across Arbitrum and BNB Chain
  • Over $32 million was stolen from Arbitrum, while BNB Chain accounted for about $18 million

Radiant Capital suffered an exploit on October 16, with hackers siphoning over $51 million from the decentralized finance lender.

On-chain security platform Ancilia first alerted the crypto community to the attack, which impacted the omnichain money market’s Ethereum layer-2 Arbitrum instance and BNB Chain.

“We have noticed several transferFrom user’s account through the contract 0xd50cf00b6e600dd036ba8ef475677d816d6c4281. Please revoke your approval ASAP. It seems like the new implementation had vulnerability functions,” the Palo Alto Networks and Binance Labs-backed platform noted.

Data from blockchain security and on-chain data firm Arkham Intelligence showed details related to the attack.

Stolen funds

According to Ancilia, the exploit appears to have been initiated via a backdoor contract. The attacker drained more than $51 million from the two instances. Stolen funds include wrapped BNB, ETH, USDT, and USDC as well as other tokens.

The hacker’s wallet address shows they held $32 million in Arbitrum-based tokens and $18 million in assets on BNB Chain. Most of the assets are in Ether derivatives wstETH and weETH.

Following the exploit, Radiant Capital posted an update indicating the team has enlisted the help of external security providers to investigate the compromise. As well as BNB Chain and Arbitrum, the DeFi platform announced it had halted its markets on Base and mainnet.

The native Radiant Capital token RDNT declined nearly 6% to trade at lows of $0.067.