Crypto Security Firm Mistakenly Shares Drainer Link in Radiant Capital Hack

Ancillamistakenlysharedawalletdrainerlinkduringthe$52MRadiantCapitalexploit.
RadiantCapitallost$51.5Mafterhackersaltereditssmartcontracts.
HackersgainedaccesstoRadiant’smulti-signaturewallet,exploitingthreeprivatekeys.

A$52millionexploithittheDeFilendingprotocolRadiantCapital.Afterwards,securityfirmAnciliadidnothingbutworsenthissituationbysharingawalletdrainerlinkwiththem,mistakenlysendingvictimstoascamsiteinsteadofofferinghelp.

Compromisingtheprotocol’sintelligentcontractsontoBNBChainandArbitrum,theattackersrequesteduserstorevokepermissions,protectingtheirremainingassets.Ancilia’smisguidedpostonlyleduserstoaphishinglink,increasingtheconfusionandrisk.

SecurityErrorCompoundsRadiantHack

Afterthebreach,RadiantCapitalusersturnedtocryptosecurityfirmsforadviceonprotectingtheirfunds.OneofthefirsttoreporttheexploitwasAncilia,whosharedahelpfullinktoallowuserstorevokepermissionsbelongingtotheexploitedcontracts.

Nevertheless,thisredirectedvictimstoamaliciouswalletdrainerwalletscammeanttostealevenmorefunds.TheerrorresultedfromAnciliarepostingcontentfromanimpersonatoraccountthatmimickedRadiantCapital’sofficialX(formerlyTwitter)account.

Earlier,theattackerswerebehindaRadianthackandhadrewrittentheprotocol’ssmartcontracts,exploitingthe‘transferFrom’function.Thisallowedthemto‘unlock’$515millionofdigitalassetslikeUSDC,WBNB,andETH.SincetherewereRadiantCapitalusers,theadvicewasrevoked.Cashisalegitimateservicethatdisconnectstheirwalletsfromcompromisedcontractsandpreventsfuturelosses.

CommunityBacklashandResponse

CryptocommunitymembersquicklycalledoutAncilia’smistakeandthefirm’snegligence.Theywarnedthattrustedsecurityfirmsmightinadvertentlyboostscamlinksinacrisis.Ancilladeletedthepostandapologized,sayingthattheofficialRadiantCapitalaccountshouldalwaysbewheretofindinformationfirst.

🚨~$58,000,000ExploitAlert🚨

RadiantCapitalcontractswereexploitedonBSC&ARBchainswiththe\'transferFrom\'function,whichallowedtodrainusers\'funds,namely$USDC$WBNB$ETHandothers

⚠️RevokeapprovalsASAP👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281pic.twitter.com/oUHyshwEmL

—De.FiAntivirusWeb3🛡️(@De_FiSecurity)October16,2024

CryptocommunitymembersquicklycalledoutAncilia’smistakeandthefirm’snegligence.Theywarnedthattrustedsecurityfirmsmightinadvertentlyboostscamlinksinacrisis.Ancilladeletedthepostandapologized,sayingthattheofficialRadiantCapitalaccountshouldalwaysbewheretofindinformationfirst.

ThelatestscamtargetsraisedconcernsoverthesecurityoftheRadiantCapitalplatform,whichwasexploitedtwicein2024.InJanuary,hackersusedaflashloanattacktosteal$45millionfromtheprotocol.Afterthemostrecentbreach,Radiantworkedwithseveralsecurityfirmstoinvestigatewhathappenedandtohelppreventsuchexploitsfromhappeningagain.

cryptonewsland.com