tl;dr
Blockchain security firms reported an exploit on Radiant Capital's lending markets across BNB Chain and Ethereum's layer-2 network Arbitrum. The exploit resulted in the draining of at least $16 million from Radiant on BNB and roughly $50 million from various trading pools, including USDT, USDC, and ...
Radiant Capital experienced a significant exploit across chains, with at least $16 million drained on BNB and roughly $50 million siphoned from trading pools, prompting the pausing of markets and collaboration with security firms.
Blockchain security firms reported an exploit on Radiant Capital's lending markets across BNB Chain and Ethereum's layer-2 network Arbitrum. The exploit resulted in the draining of at least $16 million from Radiant on BNB and roughly $50 million from various trading pools, including USDT, USDC, and ARB. Radiant Capital confirmed the suspicious activity, working with security firms and pausing markets on Ethereum and Base. The protocol advised users to revoke permissions to its smart contracts. This is not the first time Radiant Capital has experienced such an incident, having lost over $4.5 million in a previous exploit on Arbitrum.
Radiant Capital suffered an exploit across chains, several blockchain security firms said Wednesday, as the project confirmed that an “issue” had emerged with its lending markets. Blockchain security firm Ancilia Inc. first reported suspicious activity on a Radiant Capital smart contract on BNB Chain at 1:35pm ET on Wednesday in a Twitter (aka X) post. A list of on-chain transactions appeared to show hackers had drained at least $16 million from Radiant on BNB, according to Ancilia. Assets were then drained from Radiant's pools on Ethereum layer-2 network Arbitrum. Hacken, another security firm, said in a tweet that roughly $50 million in digital assets appear to have been siphoned from various trading pools on Radiant, including those holding USDT, USDC, and ARB.
Radiant Capital confirmed in a Twitter post on Wednesday that suspicious activity was occurring on its protocol, stopping short of labeling the incident a cybersecurity incident. “We are aware of an issue with the Radiant Lending markets on Binance Chain and Arbitrum,” the project said. “We are working with SEAL911, Hypernative, ZeroShadow, and Chainalysis and will provide an update as soon as possible.” Radiant Capital has paused markets on Ethereum and layer-2 network Base “until further notice,” according to the protocol's statement. It has also advised its users to revoke all permissions to the smart contracts that power its protocol. Revoke.Cash has launched a page that lets users find out whether they're at risk. Radiant Capital did not immediately respond to Decrypt's request for comment. This isn't the first time Radiant Capital has lost funds in a cybersecurity incident. In January, the protocol lost more than $4.5 million to a flash loan-based exploit on Arbitrum.