Multi-chain lending protocol Radiant Capital was hacked with 1,900 ETH, and the Arbitrum lending market was urgently closed.

The native USDC market launched by multi-chain lending protocol Radiant Capital on Arbitrum is suspected of having a vulnerability. The attacker used this to transfer approximately 1,900 ETH from rETH, with a total value of approximately US$4.4 million. The team has urgently closed the lending market on Arbitrum to avoid further losses.

According to Paidun, the attackers were exploiting a known vulnerability, and there was a window of time when the lending market (a fork of Compound/Aave) activated a new market in which hackers could attack. . In addition, Paidun added that when a new market is created, setting the Collateral Factor (CF) to 0 can effectively avoid this problem.

Today's hack on @RDNTCapital results in the loss of 1.9k eth (~$4.5m). The root cause is not new: It basically exploits a time window when a new market is activated in a lending market (forked from the popular Compound/Aave). The exploitation also relies on a known rounding… https://t.co/XogWUVO3po pic.twitter.com/x5X9ql8AGA

— PeckShield Inc. (@peckshield) January 2, 2024

After the incident, the Radiant Capital contract deployer also left a message to the vulnerability exploiter through on-chain messages:

"We wanted to contact you about the vulnerability you exploited today. We're glad you found it! We're assuming you implemented this exploit as a white hat or gray hat (for various reasons), so we'd like to make a connection , to resolve the following issues. Please send us a message at RadiantBugNegotiation@radiant.capital so we can discuss further."

Due to the small scale of the attack, the RDNT token price was not severely affected. However, users should not take this lightly. They need to pay attention to false information on social platforms, because many fake accounts are taking this opportunity to spread false news and trick users into clicking on phishing links in the name of "revoking authorization." Please be careful.

This article Multi-chain lending protocol Radiant Capital was hacked with 1,900 ETH, and the Arbitrum lending market was urgently closed. First appeared on Zombit.