Radiant Capital, a decentralized finance (DeFi) protocol, has suffered a significant security breach, leading to the theft of over $50 million across its Arbitrum and Binance Smart Chain (BSC) networks.
Incident Details
The hack on Radiant Capital was first reported by Ancilia, a web3 security firm, which detected suspicious transactions on Radiant’s BSC instance.
Vulnerabilities and Hack
According to recent updates, the Multisig of Radiant Capital was compromised and ownership was transferred. Hackers used a backdoor contract to access user wallets, risking additional funds. Radiant's multisig had 11 signers but only required 3 signatures to execute transactions. The attackers controlled at least 3 of them.
Consequences and Response
This hacking incident has prompted numerous questions from crypto analysts regarding the security protocol of Radiant Capital, as requiring 3 out of 11 signatures is considered low for a protocol of this scale and size.
As a result of the breach, Radiant Capital lost over $50M, sparking criticism of the protocol's security. The multisig security issue is now a hot topic among the community.