As a seasoned crypto investor with battle-scarred eyes from navigating the treacherous waters of DeFi, I can’t help but feel a mix of dismay and resignation upon reading Radiant Capital’s post-mortem of their October 16 exploit. With over $50 million in user funds swiped by an elusive hacker, it serves as yet another grim reminder that the wild west of crypto is anything but tamed.


As a researcher, I’ve delved into the comprehensive study recently published by Radiant Capital, which offers a thorough breakdown of the October 16th incident resulting in the substantial depletion of over $50 million worth of user assets.

According to the post-mortem, the attacker used malware to tamper with transactions, which let them steal funds in the course of what appeared to be a routine multi-signature process.

Attack Methodology Exploited Common Errors

The ordeal began when the hacker compromised the hardware wallets of three core developers, planting malware that made its malicious transactions look like routine ones. Unaware, the developers approved what appeared to be a normal emissions adjustment, while the hidden malware submitted unauthorized transactions in the background.

Radiant Capital stressed that, throughout this sequence, its contributors followed established procedure. Every transaction was simulated for accuracy on Tenderly, a Web3 development and infrastructure platform, and was reviewed at each step where a signature was required.

Although the process had several layers of checks, the front-end review showed nothing unusual, and the malware slipped past the protocol's safeguards unnoticed.

One notable finding of the company's evaluation is that the hacker used routine transaction failures as cover for the attack. Wallet resubmissions, normally prompted by gas price fluctuations or network congestion, served as a disguise for gathering private keys, while everything looked ordinary to the signers throughout.

The attacker then took control of certain smart contracts and drained a large quantity of cryptocurrency, comprising USD Coin (USDC), Wrapped Binance Coin (wBNB), and Ether (ETH).

Estimates of the sum taken vary by news source, ranging from $50 million to $58 million, while the DeFi platform itself cites a lower amount in its incident report.

FBI Tapped to Help Recover Stolen Funds

According to the report, the cross-chain lender is working closely with U.S. law enforcement, in particular the FBI, and with the security firms SEAL911 and ZeroShadow to trace the stolen cryptocurrency.

As a precaution, users are also advised to revoke their token approvals on all affected platforms, including Arbitrum, Binance Smart Chain, and Base, because the attacker drained funds from accounts by exploiting open approvals.
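The approval-revocation advice above, as an added example that is neither Radiant's nor the article's code: it replays constructed ERC-20 Approval event logs to find allowances still open to a compromised pool contract (a placeholder address) and ABI-encodes the approve(spender, 0) call a user would sign to revoke each one. The token, owner and pool addresses are made up for the demonstration.

```python
# Added example (not Radiant's or the article's code): find ERC-20 allowances still
# open to one spender and build the approve(spender, 0) calldata that revokes them.
# keccak256("Approval(address,address,uint256)"), the standard ERC-20 event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
APPROVE_SELECTOR = "095ea7b3"  # 4-byte selector of approve(address,uint256)
MAX_UINT256 = (1 << 256) - 1   # the "unlimited" allowance many front-ends request

def topic_to_address(topic: str) -> str:
    """Indexed address topics are left-padded 32-byte words; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def outstanding_allowances(logs: list[dict], spender: str) -> dict:
    """Return {(token, owner): allowance} for grants to `spender` that are still > 0.
    Logs are replayed in (block, logIndex) order, so the latest Approval for a
    (token, owner) pair wins and a later approve(spender, 0) cancels the grant."""
    spender = spender.lower()
    current: dict[tuple[str, str], int] = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        if log["topics"][0] != APPROVAL_TOPIC:
            continue
        if topic_to_address(log["topics"][2]) != spender:
            continue  # grant to some other spender
        key = (log["address"].lower(), topic_to_address(log["topics"][1]))
        current[key] = int(log["data"], 16)  # the un-indexed uint256 value
    return {k: v for k, v in current.items() if v > 0}

def revoke_calldata(spender: str) -> str:
    """ABI-encode approve(spender, 0): selector + padded address + zero amount."""
    addr = spender.lower().removeprefix("0x")
    return "0x" + APPROVE_SELECTOR + addr.rjust(64, "0") + "0" * 64

# Constructed sample data with placeholder addresses (not real tokens or the real pool).
POOL, OTHER = "0x" + "cc" * 20, "0x" + "dd" * 20
TOKEN_USDC, TOKEN_WBNB = "0x" + "01" * 20, "0x" + "02" * 20
OWNER_A, OWNER_B = "0x" + "aa" * 20, "0x" + "bb" * 20

def _approval(block, idx, token, owner, spender, value):
    word = lambda a: "0x" + a.removeprefix("0x").rjust(64, "0")  # 32-byte topic
    return {"blockNumber": block, "logIndex": idx, "address": token,
            "topics": [APPROVAL_TOPIC, word(owner), word(spender)],
            "data": "0x" + format(value, "064x")}

SAMPLE_LOGS = [
    _approval(100, 0, TOKEN_USDC, OWNER_A, POOL, MAX_UINT256),  # unlimited grant
    _approval(101, 3, TOKEN_WBNB, OWNER_B, POOL, 5 * 10**18),
    _approval(102, 1, TOKEN_USDC, OWNER_A, POOL, 0),            # A already revoked
    _approval(102, 2, TOKEN_USDC, OWNER_B, OTHER, 10**6),       # different spender
]
```

Running `outstanding_allowances(SAMPLE_LOGS, POOL)` reports only owner B's wBNB grant, since owner A's unlimited USDC approval was already zeroed out by a later Approval event.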

Radiant Capital has moved to strengthen the platform's security by setting up new cold wallets, changing its signing requirements, and introducing a 72-hour delay on all contract upgrades and ownership transfers. The delay gives the community time to review such transactions before they take effect.

Given the sophistication of the intrusion, however, the company acknowledges that these measures might not have been enough to prevent it.

The pace of attacks on decentralized finance (DeFi) platforms is accelerating, and recent figures paint a grim picture. According to PeckShield's data, more than 20 hacks in September alone resulted in losses of roughly $120 million.

Hacken, another blockchain security firm, has likewise reported that an estimated $440 million in cryptocurrency stolen from digital platforms in Q3 2024 is now unrecoverable.

2024-10-18 21:04