Last night, decentralized finance (DeFi) platform @RDNTCapital fell victim to a significant security breach that resulted in a massive loss of funds from its markets.
The attack targeted the platform’s multisig wallet, which is responsible for critical tasks such as contract upgrades and transferring funds.
The wallet, identified as 0x111ceeee040739fd91d29c34c33e6b3e112f2177, operates on a multisignature model that requires 3 out of 11 signatures to authorize transactions.
Unfortunately, the attacker managed to gain control of permissions for three of the wallet’s signers, bypassing security measures.
By using these three compromised private keys to sign off-chain, the hacker was able to transfer ownership of the LendingPoolAddressesProvider to a malicious contract.
The attacker then updated the lending pool’s logic to a backdoor contract, which allowed them to siphon funds from various lending markets.
Funds Stolen Now Converted To ETH And BNB
The stolen funds were quickly converted into native tokens and are now held in two wallets. One address currently holds 12,835 ETH, valued at around $33.56 million, while the second wallet contains 32,113 BNB, worth approximately $19.35 million.
This exploit marks a significant setback for @RDNTCapital and highlights the ongoing risks and vulnerabilities within the DeFi ecosystem.
Despite the use of multisig wallets, which are generally seen as a security measure, the breach illustrates how even trusted mechanisms can be undermined if private keys are compromised.
As investigations continue, the platform is working to address the security flaws and potentially recover the stolen assets.
Disclosure: This is not trading or investment advice. Always do your research before buying any Metaverse crypto coins.