Cross-Chain Protocol Radiant Capital Halts Lending Markets Amidst Hack
Radiant Capital, a prominent cross-chain lending protocol, has temporarily suspended its lending operations following a significant security breach. The company reported an alarming $4.5 million hack targeting one of its newest USD Coin (USDC) markets. This incident underscores the growing concerns over cybersecurity in the rapidly evolving cryptocurrency sector.
Beosin Identifies Attack Origin
Blockchain security firm Beosin conducted an initial investigation into the incident. They identified the root cause as a vulnerability exploited by the attacker, involving a “rounding problem” in the protocol’s code. This flaw allowed the attacker to profit from repeated deposits and withdrawals, manipulating the system for financial gain.
Details of the $4.5 Million Heist
Arbiscanner’s report sheds light on the attacker’s method, revealing that they successfully extracted $4.5 million in Ethereum (ETH) from Radiant Capital. The attacker exploited the platform’s vulnerability, manipulating the index parameter to cause a cumulative precision error in the calculations.
Radiant Capital’s Immediate Response
In response to this breach, Radiant Capital has suspended its lending and borrowing services on the Arbitrum network. The company reassures its users that no further funds are at risk and has committed to conducting a thorough investigation. They aim to resume normal operations once the inquiry is complete and the issue is resolved.
Contextualizing the Attack within the Industry
The incident at Radiant Capital is not an isolated event in the cryptocurrency world. Earlier this year, the Orbit Chain protocol suffered a massive hack, resulting in losses of $81.5 million. These incidents highlight the increasing sophistication of cybercriminals targeting the digital currency space.
The Aftermath and Future Measures
Radiant Capital’s team is currently analyzing the breach to identify its root cause. They are also collaborating with international law enforcement agencies to address this security lapse. While the stolen cryptocurrency remains unspent at the identified addresses, the company is taking steps to prevent future attacks and enhance its security protocols.