PANews reported on October 18 that the multi-chain lending agreement Radiant Capital posted on the X platform that on October 16, 2024, Radiant Capital suffered an extremely complex security vulnerability incident, resulting in a loss of $50 million in funds. The attackers broke into the hardware wallets of multiple developers by injecting a highly advanced malware. The way these devices were hacked was so covert that the front end of the Safe wallet (formerly known as Gnosis Safe) displayed legitimate transaction data, while the back end was signing and executing tampered transactions at the same time. The security vulnerability occurred in the regular multi-signature emission adjustment process, which is designed to make periodic adjustments based on market conditions and utilization. Throughout the process, DAO contributors always strictly adhered to industry-standard operating procedures. They used Tenderly to simulate and verify each transaction, and multiple developers conducted a detailed review at each signing stage. No anomalies were found in either Tenderly or Safe's front-end inspections. However, shockingly, the attack was completely undetected in the Gnosis Safe user interface and the regular manual review of transactions during the Tenderly simulation stage. This fact has been confirmed by external security teams including Security Alliance and HypernativeLabs. Faced with this severe challenge, Radiant Capital quickly worked closely with Seal911 and Hypernative and strengthened multi-signature control measures. At the same time, the Federal Bureau of Investigation (FBI) and zeroShadow also fully intervened to actively track down and freeze the stolen assets.
Earlier yesterday, it was reported that Radiant Capital suspended its loan market due to a vulnerability attack, with an estimated loss of approximately US$58 million .
