Radiant Capital is working with the FBI and U.S. authorities to trace funds stolen in a sophisticated hack that occurred on October 16, 2024. The attack involved a sophisticated malware injection targeting developers’ hardware wallets, which led to unauthorized fund transfers.
Method of Attack and Steps to Recover Stolen Funds
The report states that the attackers employed a complex software injection to seize the hardware wallets of three main developers. This attack manipulated front-end transaction validation to carry out malicious operations in the background. Interestingly, this attack went unnoticed by Radiant Capital’s internal security team and external audits from companies like SEAL911 and Hypernative. The attackers exploited vulnerabilities in the typically secure multi-signature setup process.
More than $50 million worth of USDC, WBNB, and ETH was stolen. The attackers drained these funds by emptying liquidity pools on the Binance Smart Chain and Arbitrum networks.
Radiant Capital’s Security Measures
Following the incident, the company began tracking the stolen funds in collaboration with the FBI and cybersecurity firms. As a result of tracing digital footprints, some assets were frozen. Additionally, Radiant Capital is reviewing its security protocols and multi-signature verification processes. New measures include stricter signature validations and confirmations through independent devices.
The development team has also updated their cold wallets and started using new devices. Furthermore, the signature requirements for managers and the DAO have been tightened. Reducing the number of signatories from ten to seven and raising the signature threshold to 60% has made transaction execution more secure.
Additionally, transaction data is being cross-checked via Etherscan, which helps prevent errors and validate transactions. Radiant Capital plans to resume activity in the Base and Ethereum $2,910 markets within a few days.
Radiant Capital is preparing to deploy new smart contracts related to the stolen assets to strengthen its infrastructure. These changes will enhance the company’s defensive capabilities against potential attacks.
With the rise in crypto attacks, law enforcement is paying more attention to these incidents. There was also a request for a five-year prison sentence in the trial of Ilya Lichtenstein, who was responsible for the 2016 Bitfinex hack.
Radiant Capital aims to build a more robust framework against future potential attacks by strengthening security measures. The collaboration with the FBI underscores the importance of security in the industry.