• Ancilla mistakenly shared a wallet drainer link during the $52M Radiant Capital exploit.
  • Radiant Capital lost $51.5M after hackers altered its smart contracts.
  • Hackers gained access to Radiant’s multi-signature wallet, exploiting three private keys.

A $52 million exploit hit the DeFi lending protocol Radiant Capital. Afterwards, security firm Ancilia did nothing but worsen this situation by sharing a wallet drainer link with them, mistakenly sending victims to a scam site instead of offering help. 

Compromising the protocol’s intelligent contracts onto BNB Chain and Arbitrum, the attackers requested users to revoke permissions, protecting their remaining assets. Ancilia’s misguided post only led users to a phishing link, increasing the confusion and risk.

Security Error Compounds Radiant Hack

After the breach, Radiant Capital users turned to crypto security firms for advice on protecting their funds. One of the first to report the exploit was Ancilia, who shared a helpful link to allow users to revoke permissions belonging to the exploited contracts. 

Nevertheless, this redirected victims to a malicious wallet drainer wallet scam meant to steal even more funds. The error resulted from Ancilia reposting content from an impersonator account that mimicked Radiant Capital’s official X (formerly Twitter) account.

Earlier, the attackers were behind a Radiant hack and had rewritten the protocol’s smart contracts, exploiting the ‘transferFrom’ function. This allowed them to ‘unlock’ $515 million of digital assets like USDC, WBNB, and ETH. Since there were Radiant Capital users, the advice was revoked. Cash is a legitimate service that disconnects their wallets from compromised contracts and prevents future losses.

Community Backlash and Response

Crypto community members quickly called out Ancilia’s mistake and the firm’s negligence. They warned that trusted security firms might inadvertently boost scam links in a crisis. Ancilla deleted the post and apologized, saying that the official Radiant Capital account should always be where to find information first.

Read CRYPTONEWSLAND on google news

🚨~$58,000,000 Exploit Alert🚨

Radiant Capital contracts were exploited on BSC ARB chains with the 'transferFrom' function, which allowed to drain users' funds, namely $USDC $WBNB $ETH and others

⚠️Revoke approvals ASAP👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281 pic.twitter.com/oUHyshwEmL

— De.Fi Antivirus Web3 🛡️ (@De_FiSecurity) October 16, 2024

Crypto community members quickly called out Ancilia’s mistake and the firm’s negligence. They warned that trusted security firms might inadvertently boost scam links in a crisis. Ancilla deleted the post and apologized, saying that the official Radiant Capital account should always be where to find information first.

The latest scam targets raised concerns over the security of the Radiant Capital platform, which was exploited twice in 2024. In January, hackers used a flash loan attack to steal $45 million from the protocol. After the most recent breach, Radiant worked with several security firms to investigate what happened and to help prevent such exploits from happening again.

disclaimer read more

Crypto News Land, also abbreviated as "CNL", is an independent media entity - we are not affiliated with any company in the blockchain and cryptocurrency industry. We aim to provide fresh and relevant content that will help build up the crypto space since we believe in its potential to impact the world for the better. All of our news sources are credible and accurate as we know it, although we do not make any warranty as to the validity of their statements as well as their motive behind it. While we make sure to double-check the veracity of information from our sources, we do not make any assurances as to the timeliness and completeness of any information in our website as provided by our sources. Moreover, we disclaim any information on our website as investment or financial advice. We encourage all visitors to do your own research and consult with an expert in the relevant subject before making any investment or trading decision.