More than $50 million worth of cryptocurrency was stolen from decentralized finance platform Radiant Capital on Wednesday evening.
In a post-mortem report published on Thursday, Radiant said the attack compromised three developers, all of whom are long-standing, trusted contributors to the platform. The company has marketed itself as a “one-stop shop” money market where users can deposit and borrow cryptocurrencies across different blockchains.
Several security experts said on social media that the hacker gained access to multiple private keys owned by company developers that allowed the threat actor to drain user funds from it.
“These developers used hardware wallets and were geographically distributed, reducing the likelihood of a coordinated physical attack,” the company said.
“Attackers were able to compromise the devices of at least these three core contributors through a sophisticated malware injection. These compromised devices were then used to sign malicious transactions.”
The report notes that it is likely other devices were targeted beyond the three that were compromised.
On the company’s Telegram channel, where it communicates with users, Radiant Capital official Konstantin Levin said unnamed U.S. law enforcement agencies were involved in the investigation alongside several blockchain security companies.
Levin explained that the company “experienced a highly sophisticated security breach that resulted in the loss of $50 million,” adding that the developers’ devices were compromised in a way that “displayed legitimate transaction data while poisoned transactions were signed and executed in the background.”
The compromised devices “presented no obvious warning signs beyond minor glitches and error messages” during routine processes.
Levin and the post-mortem report went through several technical factors to underscore the “high level of sophistication involved.”
“U.S. law enforcement and ZeroShadow are fully informed of the breach and are actively working to freeze all stolen assets,” Levin said. “The [company] is deeply devastated by this attack and will continue to work tirelessly with the respective agencies to identify the exploiter and recover the stolen funds as quickly as possible.”
The post-mortem does not mention if the platform plans to compensate users who had funds stolen. The platform’s operations have been paused since the attack began on Wednesday.
The incident was initially uncovered on social media by researchers who saw the hacker convert the stolen funds into about 12,800 ETH, worth about $33.5 million, and 32,100 BNB, worth about $19.3 million. Others said the losses could reach up to $58 million.
Radiant Capital’s website shows it has gone through several security audits by prominent blockchain security firms including Peckshield and Zokyo.
The incident on Wednesday, however, is the second hack affecting the platform this year after $4.5 million was stolen in January.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.