Radiant Capital, a top decentralised finance (DeFi) platform, has joined forces with US law enforcement and Web3 security experts to recover over $50 million following a recent hack. Described as one of the most complex attacks in the DeFi space, the breach involved the exploitation of Radiant’s lending pools across Binance Smart Chain (BSC) and Arbitrum networks.
Sophisticated Attack Tactics
In its post-mortem report, Radiant revealed that the attackers used advanced malware to compromise hardware wallets of three developers. By mimicking typical transaction errors, the hackers gathered multiple signatures undetected. Once they had the necessary approvals, they executed the “transferOwnership” function, gaining control of Radiant’s lending pools.
— Safe (@safe) October 18, 2024
Safe, the front-end service used by Radiant, denied any interface compromise, stating that the attack stemmed from a “blind signing error.”
Security Measures Strengthened
In response, Radiant has implemented several immediate security upgrades. These include generating new cold wallet addresses on secure devices for team members and reducing the number of signers required for multi-signature transactions to seven, with 60% approval needed for validation.
Additionally, Radiant has introduced a 72-hour delay for contract updates and ownership transfers, enforced by timelock contracts, to allow for thorough review by developers and the community.
Future Safeguards
To prevent similar incidents, Radiant has recommended stronger signature verification processes, using separate devices to check transaction data, and avoiding blind signing of critical transactions. They also plan to conduct automatic audits whenever error messages are triggered, catching vulnerabilities earlier.
Radiant’s efforts aim not only to recover the stolen funds but also to help other DeFi platforms avoid similar threats.
