Radiant Capital has confirmed that the devices of at least three core developers were compromised through a malware injection on October 16, leading to a significant theft of digital assets from the BNB Chain and Arbitrum networks. The attackers utilized sophisticated malware to sign malicious transactions while appearing legitimate on the Safe{Wallet} interface, making detection challenging. This breach occurred during a routine multisignature emissions adjustment, where legitimate transaction approvals were intercepted and replaced with malicious ones before being sent for signatures. As a result, the hackers successfully gathered three valid signatures, draining assets worth $50 million. Although the process of the attack seemed standard, it ultimately led to further withdrawals from users' accounts. Radiant Capital has since advised users to revoke all approvals on various chains to prevent additional losses, as similar access control exploits have contributed to a substantial percentage of stolen crypto funds recently.

Source 🔗