Radiant Capital has been stolen, and scammers stole about $51 million from users on Arbitrum chain & BNB instances. A security company, Ancilia Inc, aware of it's users on X about the scam a couple hours ago.
Source: X
The attack began on Friday afternoon on Radiant’s Ethereum 2-Layer service and then roll out to the BNB Chain. According to the Arkham Intelligence, there were lot of unauthorized transfers from user accounts.
The scammers reportedly uses a Transfer from function which allows one account to move coins from another account to a third account. To do this, the sufferer must give permission to the fake wallet address.
Ancilia suggest all users to “cancel your approval ASAP” permissions for Radiant contracts to protect their account and funds.
A security expert from Fuzzland, Tony Ke, noted that while the ETH and Base systems seem safe, users should be cautious. He also stated, “Radiant Capital has fallen sufferer to a hack causing $51.5 million in losses so far across BNB and Arbitrum Chain.”
Tony Ke explained that a backdoor contract was created around 17:09 UTC on Friday. This allowed the scammers to access user accounts and transferring coin. The investigation refers that the hack might have come from internal issue.
Ke noted that “anyone was either scam or there was a compromised computer” that led to Radiant’s private information being leaked.