Radiant Capital’s $58 million hack was a good, but quite pricey lesson

-

Radiant Capital is back in action after a painful setback, having resumed its Ethereum lending markets following a hack that resulted in $58 million loss in digital assets.

Security upgrades

On November 1, the lending protocol announced that it had implemented several security upgrades to prevent future incidents.

Radiant Capital
X

One major change was transferring ownership into a timelock contract, which enforces a mandatory 72-hour waiting period for any adjustments. This move is designed to bolster Radiant’s security and give the team more time to react to potential threats.

Also, Radiant introduced an emergency admin role that uses a multisignature setup. This role allows designated members to pause and unpause the lending markets as needed, adding another layer of protection.

The DAO also adjusted its multisignature security requirements, reducing the number of signers needed from eight to seven, with a four-out-of-seven signing threshold.

Multisignature wallets enhance security by requiring multiple signatures to complete crypto transactions. This approach helps eliminate risks associated with relying on a single private key.

A wake-up call

These security upgrades come after Radiant Capital faced a serious breach that forced them to halt their lending markets on October 16.

An attacker managed to gain control of several signers’ private keys and smart contracts, allowing them to siphon off over $50 million in crypto.

In a post-mortem released on October 18, Radiant confirmed that at least three of its core developers had their devices compromised through malware.

This malware made it appear as though legitimate transaction data was being displayed while malicious transactions were secretly signed and executed in the background.

High tuition

The well-known security expert Patrick Collins described the incident as a “$50 million lesson” for the DeFi community, and he pointed out that there’s a significant educational gap when it comes to verifying transactions with hardware wallets.

X/Patrick Collins

As for the hacker, they’ve already moved about $52 million of the stolen funds. Blockchain security firm PeckShield shared that the exploiter had transferred “nearly all” of the stolen assets by October 24.

Phishing attacks have been rampant in the crypto world, leading to millions in losses. For example, on August 21, a phishing scam drained $55 million in stablecoins after a whale accidentally signed a transaction that transferred ownership of their funds to attackers.

In light of these incidents, hardware wallet company Ledger also emphasized the need for clearer signing processes in crypto transactions.

Ledger CEO Pascal Gauthier previously stated that the industry should move away from blind signing practices and has partnered with various organizations to promote clearer signing initiatives.

Have you read it yet? Trump’s Bitcoin strategy will save USA?


Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.

LATEST POSTS

Trump considers a new government role, the crypto-czar

President-elect Donald Trump is reportedly mulling over the idea of appointing a Crypto-Czar to help shape U.S. policy on blockchain and digital assets. This move...

XRP, SOL, and DOGE ETFs are coming?

The crypto ETF sector is heating up after the major success of Bitcoin's spot ETF launch in the U.S. Nate Geraci, president of The ETF...

Binance unveils BFUSD, but it’s not stablecoin

Binance is in the news again, with its latest token, BFUSD, which promises annual percentage yield of 19.55%. But before it even launches, the new...

Bitfinex hacker sentenced to 5 years

Ilya Lichtenstein, the mastermind behind one of the largest cryptocurrency hacks in history, has been sentenced to five years in prison for his role in...

Most Popular

Guest posts