Non Cult Crypto News

Non Cult Crypto News

in ,

Radiant Capital $58M hack an expensive ‘lesson’ for DeFi

Radiant Capital said it had resumed its Ethereum lending markets after implementing several security enhancements to its protocol. 

COINTELEGRAPH IN YOUR SOCIAL FEED

Radiant Capital has resumed its Ethereum lending markets following a hack that cost an estimated $58 million in digital assets. 

On Nov. 1, the lending protocol announced it had implemented improvements across its framework. This includes transferring ownership into a timelock contract. The Radiant Capital team said this enforces a mandatory 72-hour waiting period for any adjustments, claiming it fortifies Radiant’s security. 

The team also implemented an emergency admin role using a multisignature structure. The role is tasked with pausing and unpausing the lending protocol’s markets as necessary. 

In addition, its decentralized autonomous organization (DAO) has also increased its multisignature security, reducing the number of required signers to seven and having a four out of seven signing threshold. 

Multisignature wallets enhance security by requiring multiple signatures to execute or process crypto transactions. This eliminates the risk of a single point of failure associated with having only one private key. 

An expensive “lesson” for DeFi

The security enhancements follow an exploit that led to over $50 million in digital asset losses. On Oct. 16, Radiant Capital halted its lending markets after a cybersecurity breach on BNB Chain and Arbitrum. 

An attacker gained control of several signers’ private keys and smart contracts. This allowed the hackers to drain over $50 million in assets from the protocol. 

On Oct. 18, Radiant Capital confirmed in a post-mortem that the attackers compromised the devices of at least three of its core developers by injecting malware. 

Radiant Capital said that the devices were compromised in a way where the front-end of their wallets displayed legitimate transaction data while malicious transactions were signed and executed in the background. 

In an X post, security professional Patrick Collins described the incident as a “$50 million lesson” that the decentralized finance (DeFi) space needs to remember. Collins said an educational or tooling gap exists in verifying transactions using hardware wallets. 

Source: Patrick Collins

Meanwhile, the Radiant Capital hacker has already moved about $52 million of the stolen funds from the incident. On Oct. 24, blockchain security firm PeckShield said that the exploiter had already moved “nearly all” of the stolen funds. 

Related: Crypto security firm mistakenly shares drainer link to ‘help’ Radiant hack victims

Wallet signing issues in crypto

Phishing incidents in crypto have already led to millions in digital assets lost. On Aug. 21, a crypto phishing attack drained $55 million in stablecoins after a whale mistakenly signed a transaction that transferred the ownership of funds to attackers. 

Because of such incidents, hardware wallet Ledger believes there’s a need to promote clear signing in the crypto space. Ledger CEO Pascal Gauthier previously told Cointelegraph in an interview that the industry should move away from blind signing and that they partnered with several entities to educate the community with a clear signing initiative. 

Magazine: Most DePIN projects barely even use blockchain: True or false?

This article first appeared at Cointelegraph.com News

What do you think?

Written by Outside Source

Catzilla ready to claim the meme coin throne and compete with FLOKI and WIF

Crypto Price Analysis November-01: XRP, BNB, SOL, DOGE, and MKR

Back to Top

Ad Blocker Detected!

We've detected an Ad Blocker on your system. Please consider disabling it for Non Cult Crypto News.

How to disable? Refresh

Log In

Or with username:

Forgot password?

Don't have an account? Register

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

To use social login you have to agree with the storage and handling of your data by this website.

Add to Collection

No Collections

Here you'll find all collections you've created before.