- A malicious attack targeting RDNTCapital leads to a substantial loss of 1,900 ETH worth $4.4 million.
- RDNTCapital responds to the security breach, temporarily halting lending and borrowing markets on Arbitrum for investigation.
Cyvers, a cybersecurity firm leveraging an AI-powered system, has uncovered a series of malicious activities targeting Radiant Capital (RNDTCApital). RDNTCapital, a decentralized finance (DeFi) platform aiming to unify liquidity across diverse lending protocols and chains, has recently fallen victim to a nefarious attack, raising concerns about the platform’s integrity.
The AI-powered system employed by Cyvers flagged suspicious transactions, indicating a potential issue of price manipulation. The consequence of this attack has resulted in a substantial loss exceeding $4.4 million for RDNTCapital.
ALERTOur AI-powered system has identified multiple #rugpull transactions on #ARB linked to this address: https://t.co/GZKVDypuAh. The address has been involved in creating numerous tokens.
The address has bridged 500K $USDT to $ETH, then swapping it to $DAI before depositing… pic.twitter.com/4l8JmdXmcd— Cyvers Alerts (@CyversAlerts) January 2, 2024
Cyvers identified the attackers’ address through a series of rugpull transactions on Arbitrum, unraveling the intricacies of the exploit. The attack’s modus operandi involved the address executing multiple transactions, bridging 500,000 USDT to ETH, conducting a swap to DAI, and eventually depositing the funds into TornadoCash. This discovery sheds light on the sophisticated methods employed by malicious actors in targeting DeFi platforms.
Radiant Capital Reponds
Radiant Capital, in response to a reported breach related to the recently established native USDC market on Arbitrum, promptly took to Twitter to address the situation. The Radiant DAO Council acted swiftly by temporarily halting lending and borrowing markets on Arbitrum, initiating a thorough investigation into the matter. Radiant Capital reassured its user base that existing funds remain secure and unaffected by the incident.
Today, we received a report of an issue with the newly created native USDC market on Arbitrum. After validation by Radiant developers and the wider Web 3 security community, the Radiant DAO Council paused lending/borrowing markets on Arbitrum temporarily while this is…
— Radiant Capital (@RDNTCapital) January 3, 2024
During the ongoing investigation, Radiant Capital emphasizes that user actions are currently restricted until the markets are reactivated on Arbitrum. The protocol commits to providing a detailed postmortem report for transparency once normal operations resume on the platform.
Ripple Effects for Arbitrum
The aftermath of the recent security breach not only casts a shadow over Radiant Capital but also leaves a mark on Arbitrum. Both platforms experienced a decline in weighted sentiment, reflecting a negative outlook in the social domain.
The cyber attack has triggered a comprehensive reevaluation of security measures and vulnerabilities within the DeFi ecosystems of these platforms. Despite the breach’s impact on sentiment, RDNT’s price demonstrated resilience, holding steady at $0.327795 with a modest growth of 1.45% in the last 24 hours.
In contrast, Arbitrum’s native token, ARB, experienced more significant growth, trading at $1.92 with an 11.24% increase in the same timeframe. The market response suggests that, at least as of the current assessment, the breach has not substantially affected the perceived value of the tokens.
As 2024 begins, the crypto market grapples with ongoing security challenges. On December 31, Orbit Bridge, a prominent cross-chain bridge protocol, experienced a substantial outflow of $81.5 million across various cryptocurrencies, sparking worries about a potentially significant security breach.
The Orbit exploit also involves five transactions that funneled substantial sums of stablecoins, wrapped Bitcoin, and Ethereum into distinct wallets. Officer CIA suggests that the attacker may have compromised multi-signature signers, initiating the attack with funds sourced from TornadoCash.