Radiant Capital, a blockchain lending protocol, has lost more than $50 million in a hack, blockchain data and security experts say.
The attack struck Radiant's Ethereum Layer 2 Arbitrum instance before later spilling over to the BNB Chain. The hacker manipulated the protocol by utilizing a smart contract function called "TransferFrom," which grants permission for one account to transfer tokens from another account to a third.
The hacked asset was transferred to a wallet starting with "0x0629b" that reportedly contained more than $5 million in tokens. According to DeBank, the same wallet had a balance of $51 million and an astronomical 2,619,512.54% surge in token holdings not long after the attack.
With a very wide market and having tasted the sweet smell of success, they are right now planning to strike more other platforms that got vulnerabilities to exploit.
Just as predicted, there will be more and more hacks and scams as we are nearing the end of the year and the expected big bull run in 2025. Seems to me that hackers are really so creative in what they are doing and they can be ahead of the game of cat and mouse. Now, one of the takeaways here is that the wallet where the stolen assets were transferred belong to someone (or maybe a group, perhaps) with already substantial resources...and it can mean these hackers really got the money financing their online operations. With a very wide market and having tasted the sweet smell of success, they are right now planning to strike more other platforms that got vulnerabilities to exploit.At the end of the chain, somehow these hacks will connect with the lazarous group of NK because most of the hacks that happened in 2024 were done by this group from NK and this hack might also be their work. I did not see the addresses for how much funds they have, but I don't see any USDT and I recently learned that Tether can seize USDT even if kept in a non-custodial wallet, they can seize it so that's why hackers don't hack in USDT form.
I don't see any USDT and I recently learned that Tether can seize USDT even if kept in a non-custodial wallet, they can seize it so that's why hackers don't hack in USDT form.Depending on how the hacking takes place, I can see them convert the USDT to other tokens and withdraw the deposits from there. I guess that's one plus point for Tether, although I don't think anyone is comfortable knowing Tether can freeze their tokens anytime regardless of what they do. Especially when the rate of abuse and control is high.
I don't see any USDT and I recently learned that Tether can seize USDT even if kept in a non-custodial wallet, they can seize it so that's why hackers don't hack in USDT form.Depending on how the hacking takes place, I can see them convert the USDT to other tokens and withdraw the deposits from there. I guess that's one plus point for Tether, although I don't think anyone is comfortable knowing Tether can freeze their tokens anytime regardless of what they do. Especially when the rate of abuse and control is high.
Just as predicted, there will be more and more hacks and scams as we are nearing the end of the year and the expected big bull run in 2025. Seems to me that hackers are really so creative in what they are doing and they can be ahead of the game of cat and mouse. Now, one of the takeaways here is that the wallet where the stolen assets were transferred belong to someone (or maybe a group, perhaps) with already substantial resources...and it can mean these hackers really got the money financing their online operations. With a very wide market and having tasted the sweet smell of success, they are right now planning to strike more other platforms that got vulnerabilities to exploit.I'm not qualified to assess the security vulnerabilities in this lending project's source code, but it seems that hackers have successfully exploited it, resulting in a $50M loss for users. I thought HackTrend only occurred during the hottest market periods when new protocols are hastily launched to capitalize on market opportunities. I didn't expect Radiant Capital to have such a severe issue before we even entered the bullrun.
Depending on how the hacking takes place, I can see them convert the USDT to other tokens and withdraw the deposits from there. I guess that's one plus point for Tether, although I don't think anyone is comfortable knowing Tether can freeze their tokens anytime regardless of what they do. Especially when the rate of abuse and control is high.How can it be a plus point for Tether? I mean, besides only an increment in their trading volume, I don't see another plus point. And if they would be seeking plus points, they won't acquire this feature in the first place I guess.
But this feature is also a plus point for them to make a good image among authorities and governments for their longevity.I mean exactly that, not in the sense that it will give them good trading value overall. I'm not a fan of centralized stablecoin either, especially for this reason. I'm fine with the tradeoff that if my money is lost then it's impossible to recover it (due to hacking, etc) as long as everything is under my control. It doesn't seem like that's the case with the market though. I guess it's understandable considering we like to have backup/other ways to recover our wealth.
i wonder whether Radiant Capital perform audit on their smart contract before it's deployed on blockchain network.Is there any good auditor to begin with? The last few projects that I've followed got hacked even if their smart contracts are deemed 'secure' by third parties. Granted they're not open source so there's a high chance those auditors got paid for making that judgment.
With a very wide market and having tasted the sweet smell of success, they are right now planning to strike more other platforms that got vulnerabilities to exploit.
There will be more coming; hacking is a lucrative business; there are many platforms and individuals to hack, and they will never stop until they are caught, problem is sometimes they are not caught and even if they are caught they have a way to get out or do a compromise.
With how hackers do their business, its time for companies to upgrade and spend on their security, Companies that cannot upgrade their security will be left behind and lose trust of the community.
But this feature is also a plus point for them to make a good image among authorities and governments for their longevity.I mean exactly that, not in the sense that it will give them good trading value overall. I'm not a fan of centralized stablecoin either, especially for this reason. I'm fine with the tradeoff that if my money is lost then it's impossible to recover it (due to hacking, etc) as long as everything is under my control. It doesn't seem like that's the case with the market though. I guess it's understandable considering we like to have backup/other ways to recover our wealth.i wonder whether Radiant Capital perform audit on their smart contract before it's deployed on blockchain network.Is there any good auditor to begin with? The last few projects that I've followed got hacked even if their smart contracts are deemed 'secure' by third parties. Granted they're not open source so there's a high chance those auditors got paid for making that judgment.
i wonder whether Radiant Capital perform audit on their smart contract before it's deployed on blockchain network.Is there any good auditor to begin with? The last few projects that I've followed got hacked even if their smart contracts are deemed 'secure' by third parties. Granted they're not open source so there's a high chance those auditors got paid for making that judgment.
I mean exactly that, not in the sense that it will give them good trading value overall. I'm not a fan of centralized stablecoin either, especially for this reason. I'm fine with the tradeoff that if my money is lost then it's impossible to recover it (due to hacking, etc) as long as everything is under my control. It doesn't seem like that's the case with the market though. I guess it's understandable considering we like to have backup/other ways to recover our wealth.Other ways or alternative ways? If a person can get alternative options by choosing another path, then he will choose the other path. This means alternative options are better than having none. I got your point, and yeah, people will even prefer centralized exchanges over DEXs because they know they have some chance with CEXs to recover their funds if CEXs make a mistake or get hacked.
There are some 3rd party auditors, but still even if they give it a go, those hackers will still some find loopholes and exploit it. So it's really hard to just lean on those 3rd party in my opinion.Even if investigators find the hacker's like not knowing where he lives but could actually trace the wallet correctly, which is difficult in some cases, they won't find any contact, and even if they find they can't trace them because hackers are nowadays working in groups (or maybe they were already working in groups).
So with that, Radiant might have perform audit, but it doesn't mean that they are safe from this hackers.
And I do agree that since we are in the bull run, this criminals are very active to find their target. Hopefully if they are going to trace, maybe one mistake of this hackers could lead investigators to them.