Radiant Capital suffers $50 million cyberattack amid DeFi platform vulnerabilities

Lending protocol Radiant Capital has experienced a significant cyberattack targeting its contracts on BNB Chain and Arbitrum, resulting in a loss of over $50 million. The incident, which drained approximately $32 million from Arbitrum and $18 million from BNB Chain, marks the second major exploit against the platform this year.

Security experts first detected the exploit, with Ancilia, a Web3 cybersecurity firm, observing unusual transfers initiated through Radiant Capital’s contracts. In response, Radiant confirmed that four of its contracts were compromised and urged users to revoke approvals for these contracts to prevent further unauthorized transfers. As a precaution, the platform suspended its markets on Base and Mainnet.

Radiant Capital is working with cybersecurity partners SEAL911, Hypernative, ZeroShadow, and Chainalysis to address the breach. Initial analysis revealed that the attacker gained control of three out of 11 multisig approval private keys, allowing them to drain funds from the protocol’s lending pools, which included assets such as Wrapped BNB (WBNB), Wrapped Ether (WETH), USD Coin (USDC), and Tether (USDT). The low multisig approval threshold has raised concerns about the platform’s security measures.

Further complicating the situation, Ancilia accidentally shared a link to a malicious wallet drainer while attempting to assist affected users, leading to additional funds being stolen. The firm faced backlash from the community for its mishandling of the situation and lack of proper security practices.

The attack caused a sharp decline in the value of Radiant Capital’s native token, RDNT, which dropped by 9% to approximately $0.066. The platform’s market cap also fell from $84 million to $75.8 million. This follows a previous attack in January 2024, which resulted in the theft of $4.5 million worth of Ethereum through a flash loan exploit.