Share this article
Radiant Capital Loses $50M to Second Blockchain Exploit This Year
Attackers appear to have obtained three out of 11 private keys needed to upgrade the protocol.
Updated Oct 16, 2024, 8:46 p.m. Published Oct 16, 2024, 8:34 p.m.
Blockchain lending protocol Radiant Capital lost more than $50 million on Wednesday as the result of an apparent cyberattack, according to security experts and blockchain data.
An attacker gained control of Radiant Capital's blockchain contracts by obtaining three of the "private keys" that control the protocol, security experts said.
STORY CONTINUES BELOW
"Radiant Capital contracts were exploited on BSC & ARB chains with the 'transferFrom' function," Web3 security firm De.Fi explained on X. The exploit allowed attackers to "drain users' funds, namely $USDC $WBNB $ETH and others," the firm said.
Radiant is controlled by a multi-signature, or "multisig" wallet with 11 signers, De.Fi said in a separate X post. The attacker was apparently able to obtain three of these signers' "private keys," which was enough to upgrade the platform's smart contracts.
The Radiant platform encompasses a suite of tools allowing users to borrow, lend, and bridge cryptocurrencies across blockchains.
It's the second time this year that the protocol has been targeted in an exploit: In January, Radiant lost $4.5 million in an unrelated hack stemming from a bug in its smart contracts.
It was unclear at press time how the private keys were sabotaged in Wednesday's attack. Some members of an Ethereum security group on Telegram, the messaging app, speculated that the attack could've stemmed from a compromised front-end – meaning the legitimate Radiant key-holders may have accidentally interacted with a malware-laced protocol.
Radiant acknowledged the exploit in a post to its official X account, but it did not provide specific details.
"We are aware of an issue with the Radiant Lending markets on Binance Chain and Arbitrum," Radiant said. "We are working with SEAL911, Hypernative, ZeroShadow & Chainalysis and will provide an update as soon as possible. Markets on Base and Mainnet are paused until further notice."
Radiant, which is controlled by a decentralized autonomous community, or DAO, states on its website that its mission is to "unify the billions in fragmented liquidity across Web3 money markets under one safe, user-friendly, capital-efficient omnichain."
This is a developing story. Radiant Capital did not immediately respond to a request for comment.
UPDATE (20:45 UTC, 10/16/24): Adds background information regarding Radiant and another hack in January, 2024.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
ZKsync Lite to Shut Down in 2026 as Matter Labs Moves On
The company framed the move, happening in early 2026, as a planned sunset.
What to know:
- Matter Labs plans to deprecate ZKsync Lite, the first iteration of its Ethereum layer-2 network, the team said in a post on X over the weekend.
- The company framed the move, happening in early 2026, as a planned sunset for an early proof-of-concept that helped validate their zero-knowledge rollup design choices before newer systems went live.
Top Stories
