- Ancilia mistakenly shared a malicious link, worsening the impact of a $52 million Radiant Capital hack.
- The attackers gained access to private keys, altering smart contracts to steal various crypto assets.
- Radiant Capital advises users to revoke permissions through revoke.cash following the security breach.
Ancilia, a cybersecurity company in the crypto industry, is facing scrutiny after accidentally sharing a harmful link during the aftermath of a $52 million exploit on Radiant Capital. The company’s misguided action involved reposting a link from an impersonator account, which turned out to be a wallet drainer, potentially leading to further losses for affected users. The incident unfolded as Radiant Capital users were desperately trying to secure their funds by revoking permissions following the hack on October 16.
According to reports, attackers managed to steal approximately $51.5 million in digital assets after altering the protocol’s smart contracts on BNB Smart Chain and Arbitrum. Key assets taken included USD Coin, Wrapped BNB, and Ether. The hackers reportedly obtained access to private keys linked to the multi-signature wallet controlling Radiant’s operations, which facilitated their attack.
Ancilia’s Misstep Draws Criticism
Spreek, a well-known crypto commentator, shared a screenshot revealing Ancilia’s since-deleted post. The post recommended Radiant users follow a link to revoke permissions; however, this link led to a fraudulent wallet drainer. The incident prompted backlash, with Spreek criticizing Ancilia for failing to adequately verify the link before sharing it. Crypto security firm De.Fi was among the first to notify users of the breach, warning that the altered smart contracts allowed attackers to seize funds.
Radiant Capital’s Response
In response to the security breach, Radiant Capital urged users to revoke permissions from compromised smart contracts using the platform revoke.cash. The company is currently collaborating with several security firms, including SEAL911, Hyperactive, ZeroShadow, and Chainalysis, to investigate and resolve the incident. This marks the second major exploit Radiant has faced this year, with a previous breach in January resulting in a $4.5 million loss due to a separate vulnerability in their system.
