Decentralized finance (DeFi) lending protocol Radiant Capital temporarily paused its operations on the Ethereum layer2 network Arbitrum after it was exploited for 1,900 ETH, or $4.5 million.
In a Jan. 3 post on social media platform X (formerly Twitter), the cross-chain lending protocol confirmed that it received a report of an issue with its newly created native USDC market on Arbitrum.
“After validation by Radiant developers and the wider Web 3 security community, the Radiant DAO Council paused lending/borrowing markets on Arbitrum temporarily while this is investigated further,” it added.
The platform did not provide additional information about the cause of the issues.
However, several blockchain security firms, including CertiK, stated that the protocol experienced a flash loan attack, allowing the attacker to “inflate the liquidity index and then exploit the rounding issue in `rayDiv()` during deposit() and withdraw() to drain the lending pools.”
Beosin Alert further explained that the Radiant USDC contract has a rounding issue in its calculation, leading to the error. As such, the attacker manipulated the index parameter to a higher volume.
“The attacker manipulated the index parameter (which later served as a denominator) to become extremely large. The contract has a rounding issue in its calculations, which led to a cumulative precision error. Since the index parameter was dramatically inflated, this precision error was also magnified, ultimately allowing the attacker to profit through repeated deposit() and withdraw() operations,” Beosin Alert wrote.
Social media platform X has been inundated with fake Radiant Capital accounts posting phishing links to help users revoke approvals. However, the official account for the protocol already urged the community to verify information from official channels and warned that “many imitation accounts will likely spread misinformation or fake links.”
Meanwhile, the event did not drastically impact the total value of assets locked on the protocol, which currently sits at around $315 million as of press time, according to DeFillama data.
Bitcoin 2023 year in review: Analysis of BTC’s key metrics
CryptoSlate’s latest market report dives deep into Bitcoin’s performance over the past year, analyzing a range of metrics to provide a more objective and comprehensive perspective of its YTD growth.
Bunzz Launches AI-Powered Smart Contract Audit Tool with Free Audits for First 20 Projects
Major Partners to Join the Upcoming Aleph Zero CTRL+Hack+ZK Hackathon
Delysium Unveils Lucy — the Operating System (OS) of the “YKILY” AI Agent Network
More Stories
Bitfinex CTO dismisses rumors of major database breach, suggests misinformation by hackers
DeFi protocols Sonne Finance and ALEX Lab lose over $24 million in separate hacks
Anchorage Digital Adds Support for Native DYDX Staking