Market Times:

London:

New York:

Singapore:


DeFi Platform Radiant Capital Loses Over $50M to Hackers

On-chain data suggested the breach stemmed from a backdoor contract on the BSC and Arbitrum chains, enabling unauthorized asset transfers.

Capital

Radiant Capital, a decentralized finance (DeFi) project utilizing LayerZero, recently suffered a significant loss of over $50 million due to an attack by unidentified individuals.

According to the Web3 security firm Ancilia, the breach was likely caused by a backdoor contract deployed on the BSC network and Arbitrum chain, enabling the attacker to gain unauthorized access and initiate asset transfers.

What is Radiant Capital?

Radiant Capital is a DeFi platform that enables cross-chain lending and borrowing, aiming to bridge liquidity across different blockchain networks. Users can deposit assets on one blockchain and borrow on another.

This is not Radiant Capital’s first security incident. Earlier in the year, the platform lost approximately 1,900 ETH (valued at $4.5 million) due to a flash loan attack.

Blockchain security firm Beosin identified the exploit as a flash loan attack that capitalized on a “rounding issue” in the codebase. The precision error allowed the attacker to profit through repeated deposit and withdrawal actions.

Cybercriminals Target DeFi

Decentralized finance continues to be a prime target for cybercriminals. Data shows that 31 out of 34 incidents in the third quarter (Q3) occurred within the DeFi sector. However, centralized finance (CeFi) platforms faced greater financial impacts, accounting for 74.8% ($309 million) of total losses, compared to DeFi’s 25.2% ($104 million).

The Indian centralized exchange WazirX lost $235 million to hackers, followed by a $52 million breach at Singapore-based BingX on September 20. Other affected platforms include Penpie, which lost $27 million. Indodax, another CeFi platform, parted ways with over $21 million, while DeltaPrime reported $5.98 million in stolen funds. Truflation lost $5.6 million.

Trader Loses $1.3M in Scam

In a separate event, a crypto whale recently became a phishing scam victim and lost over $1.39 million in various cryptocurrencies.

According to CoinTab, the incident involved the exploitation of Uniswap’s “permit2” feature. This feature lets users approve multiple tokens with one signature. Scammers exploited it to access and drain the victim’s wallet after they signed a phishing message.

The stolen assets included PEPE, MSTR, and APU tokens valued at around $1.39 million and were taken from the decentralized exchange Uniswap.

Jonathan Agozie

Jonathan Agozie is a prompt engineer committed to crafting clear and technically sound content on blockchain, cryptocurrency, and Web3 technologies.