Radiant Capital Pauses Operations Amid $4.5M Flash Loan Attack Exploit on Arbitrum
Summary:
Radiant Capital, a cross-chain lending protocol, has temporarily shut down its lending and borrowing on Arbitrum due to a reported $4.5 million exploit on a newly established USDC Coin (USDC) market. The exploit, described as a flash loan attack, involved a programming "rounding issue" that led to a "cumulative precision error." The attacker leveraged this vulnerability to profit through repeated deposits and withdrawals, siphoning off a total of $4.5 million in Ether (ETH). The company has assured investors that additional funds are not at risk and has promised a detailed analysis of the incident.
The cross-chain financial platform Radiant Capital has temporarily halted loaning and borrowing activities on Arbitrum due to an alleged $4.5 million breach centered around its newly established USDC Coin (USDC) sector. The company publicized this alarming event on X (formerly known as Twitter) on January 3rd, which was afterwards corroborated by the Radiant's development team and the broader web cybersecurity fraternity.
The said breach was portrayed as a flash loan attack by blockchain security agency Beosin, where the intruder capitalized on a "rounding issue" in the programming, which subsequently resulted in a "cumulative precision error". This programming vulnerability allowed the culprit to profit via recurrent deposit() and withdraw() functions, according to Beosin's Jan. 3rd X post. PeckShield, in a prior Jan. 2nd broadcast, recognized the problem as a consequence of a "known rounding issue" in the prevailing Compound/Aave system.
According to Arbitrum block explorer Arbiscanner, the assailant was able to extract an aggregate of $4.5 million in Ether (ETH) from the protocol. Radiant Capital subsequently seized all loaning and borrowing procedures on Arbitrum and guaranteed stakeholders that no further capital is under imminent threat. It also swore to provide a comprehensive analysis soon and to recommence regular operations once the enquiry is fully underway.
As Crypto X spotlighted the rising number of faux Radiant Capital accounts sharing illegitimate links under the guise of customer assistance. The fake accounts have been attempting to deceitfully attract users into pressing these phishing hyperlinks. Radiant Capital operates as a decentralized borrowing and lending protocol, powered by LayerZero technology with the ability to work across different chains. The protocol currently boasts a remarkable total of $315 million in terms of value locked, as indicated by DefiLlama.
Published At
1/3/2024 8:15:01 AM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.