Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Crypto Security Firm Ancilia Under Fire for Sharing Malicious Link Amid Radiant Capital Hack

Crypto Security Firm Ancilia Under Fire for Sharing Malicious Link Amid Radiant Capital Hack

CryptoNewsCryptoNews2024/10/17 08:04
By:Ruholamin Haqshanas

Ancilia shared a drainer link which they believed to be an official source.

Last updated:
October 17, 2024 02:13 EDT

Crypto security firm Ancilia is facing backlash after sharing a malicious crypto drainer link while attempting to assist users affected by a recent $52 million exploit targeting the lending protocol Radiant Capital .

The hack, which took place on October 16, saw attackers steal around $51.5 million worth of assets from the protocol.

Following the attack, Radiant Capital users scrambled to revoke permissions to protect their remaining funds.

Ancilia Shares Drainer Link as Official Link

Ancilia stepped in to aid users, but their efforts backfired when they shared a link from what they believed to be an official source.

The link, however, led to a wallet drainer, risking further losses for those who followed the instructions.

Crypto commentator “Spreek” highlighted the issue, sharing a screenshot of Ancilia’s now-deleted post.

Spreek pointed out that Ancilia had reposted a “scam link” originating from a fake Radiant X account.

Ancilia’s message had urged users to “follow the link from this official message” to revoke permissions, but the link was designed to steal funds from any user who clicked it and accepted the permissions.

“For god’s sake, if you are a ‘trusted’ security account, you need to absolutely make sure to never do this,” Spreek posted on X.

In response to the Radiant Capital hack, crypto security firm De.Fi posted on X on October 16, detailing how the attackers had exploited vulnerabilities within the protocol’s smart contracts on Binance Smart Chain and Arbitrum.

The exploit allowed them to alter the contracts, facilitating the theft of approximately $51.5 million in assets, including USD Coin (USDC), Wrapped BNB (WBNB), and Ether (ETH).

🚨~$58,000,000 Exploit Alert🚨

Radiant Capital contracts were exploited on BSC & ARB chains with the 'transferFrom' function, which allowed to drain users' funds, namely $USDC $WBNB $ETH and others

⚠️Revoke approvals ASAP👇
0xd50cf00b6e600dd036ba8ef475677d816d6c4281 pic.twitter.com/oUHyshwEmL

— De.Fi Antivirus Web3 🛡️ (@De_FiSecurity) October 16, 2024

De.Fi explained that the protocol’s multi-signature wallet, which requires the approval of 11 signers, was compromised when hackers gained access to three private keys.

With these keys, the attackers manipulated the smart contracts, enabling them to drain user funds.

Radiant Capital Faces Second Breach This Year

This is the second significant breach Radiant Capital has faced this year.

In January, hackers exploited another vulnerability, leading to a $4.5 million loss.

In light of the recent attack, Radiant Capital announced that it is collaborating with several security firms, including SEAL911, Hyperactive, ZeroShadow, and Chainalysis, to address the issue and prevent further damage.

Meanwhile, phishing attacks remain a major issue for crypto users, resulting in substantial losses.

In September alone, more than 10,000 individuals lost over $46 million to such scams, as reported by Scam Sniffer, a Web3 anti-scam platform.

The platform revealed that 10,805 victims suffered losses amounting to $46.7 million from various crypto phishing scams last month.

Just recently, it was revealed that cybersecurity scammers are using automated email replies to compromise systems and deliver stealthy crypto mining malware.

This comes on the heels of another malware threat identified in August.

The “Cthulhu Stealer,” which affects MacOS systems , similarly disguises itself as legitimate software and targets personal information, including MetaMask passwords, IP addresses, and cold wallet private keys.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!