Radiant Capital Loses $58M in Major Hack: Private Keys Compromised

• Radiant Capital’s multisig hack led to $58M in stolen funds, exposing vulnerabilities in centralized control on BSC and Arbitrum.
• Radiant Capital halted operations on Base and Mainnet after hackers compromised multisig wallets, impacting core lending services.
• Experts urge decentralized security as multisig vulnerabilities expose Radiant to a $58M loss, underscoring Web3’s evolving security needs.

Radiant Capital, a decentralized lending platform, recently suffered a massive hack, losing approximately $58 million. The breach occurred after private keys controlling the multisig wallet were compromised, as revealed by Revoke.cash on X (formerly Twitter). De.Fi Antivirus, a cybersecurity firm, confirmed the attack, noting that hackers exploited the “transferFrom” function to drain funds across Binance Smart Chain (BSC) and Arbitrum.

Significant Financial Impact on Radiant Users

Consequently, millions in assets like USDC, WBNB, and ETH were stolen. Ancilia Inc. supported De.Fi’s findings, estimated losses at $50 million. Radiant Capital has paused markets on Base and Mainnet while working with cybersecurity partners like SEAL911 and Chainalysis to assess the damage. 

Radiant’s core lending services, which allow users to borrow, lend, and bridge cryptocurrencies, have taken a massive hit. The platform faced a similar breach earlier this year, losing $4.5 million due to a smart contract bug.

Multisig Vulnerabilities Exposed

Multisigs, a popular Web3 security method, are under fire. Many experts, including EigenLayer’s founder Sreeram Kannan, have raised concerns about the centralized vulnerabilities of multisigs. Although they offer some protection, attackers exploited Radiant’s system by obtaining the private keys of three signers. This allowed them to hijack smart contracts and steal user funds.

Moving Beyond Centralized Multisigs

The Radiant hack sheds light on Web3’s broader security challenges. According to a report by Hacken, exploits of access control mechanisms accounted for $316 million stolen in Q3 2024. This incident highlights the growing need for decentralized security solutions. 

Losses across various attack types in 2024. Source: Hacken

Read CRYPTONEWSLAND on google news

Besides, this hack raises important questions about the role of centralized control in decentralized ecosystems. As blockchain evolves, a shift to more secure and truly decentralized security solutions seems inevitable.