$50M Heist: Hackers Target Binance DeFi App

The Vulnerability and Its Exploitation

On October 16, hackers executed a meticulously planned attack on Radiant Capital. By exploiting a smart contract vulnerability, they siphoned funds from two major blockchain networks: BNB Smart Chain (BSC) and Arbitrum, an Ethereum Layer 2 (L2) scaling solution. This incident marks one of the largest thefts in the DeFi landscape, highlighting persistent security challenges within smart contract deployments.

How Users Can Protect Their Funds

In DeFi platforms, users often grant permissions to smart contracts from their wallets, enabling those contracts to move tokens and perform transactions on their behalf. This is done via the “Approve” function, which sets the maximum amount of a token that the contract may move on the user's behalf. In response to the breach, Binance has emphasized the critical need for users to revoke these permissions:

  • Navigate to the BscScan Token Approval Checker within your Binance Web3 wallet.
  • Connect to your wallet and review all smart contracts authorized to spend your tokens.
  • Select the permissions you wish to revoke.
  • Click “Revoke” to trigger a signature request in your wallet.
  • Confirm the transaction to complete the revocation process.

Similar steps are recommended for contracts on other networks to ensure comprehensive security.

How Did the Attack Unfold?

The breach was orchestrated using a “backdoor contract” inserted into the DeFi infrastructure. Such contracts contain hidden access points that allow attackers to exploit weaknesses in the “transferFrom” function, a smart contract function that moves tokens from one account to another, but only if the token owner has previously authorized that transfer. In the case of the Radiant Capital hack, attackers exploited weaknesses in the transferFrom implementation to move tokens without proper authorization.

The transferFrom function is a staple of the Ethereum ERC-20 token standard, and both BNB Smart Chain and Arbitrum, being closely related to Ethereum, implement the same standard. According to Ancilla, a Web3 security firm, this method allowed unauthorized fund withdrawals.
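The approve, transferFrom and revoke sequence described in the two sections above, as an added Python model that is neither the article's code nor Radiant Capital's: the token contract, the account names (alice, lending_pool, unknown_contract, pool_vault) and the balances are constructed sample values, and MAX_UINT256 stands for the "unlimited" allowance many dApps request. It shows why an outstanding approval is the exposure that revocation (approve with amount 0) closes.

```python
MAX_UINT256 = 2**256 - 1  # the "unlimited" allowance many dApps ask a wallet to sign

class ERC20Model:
    """Minimal in-memory model of ERC-20 allowances; a constructed stand-in, not a real contract."""
    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowances = {}  # allowances[owner][spender] = tokens spender may still move

    def approve(self, owner, spender, amount):
        # approve() overwrites, so approve(spender, 0) is how a user revokes a permission
        self.allowances.setdefault(owner, {})[spender] = amount
        return True

    def allowance(self, owner, spender):
        return self.allowances.get(owner, {}).get(spender, 0)

    def transfer_from(self, caller, sender, recipient, amount):
        # caller plays msg.sender: the contract the token owner approved earlier
        allowed = self.allowance(sender, caller)
        if amount > allowed:
            raise PermissionError(f"{caller} may move only {allowed} of {sender}'s tokens")
        if amount > self.balances.get(sender, 0):
            raise ValueError("insufficient balance")
        if allowed != MAX_UINT256:  # 'unlimited' allowances are conventionally not decremented
            self.allowances[sender][caller] = allowed - amount
        self.balances[sender] -= amount
        self.balances[recipient] = self.balances.get(recipient, 0) + amount
        return True

    def outstanding_approvals(self, owner):
        # what a token-approval checker lists: spenders still holding a nonzero allowance
        return {s: a for s, a in self.allowances.get(owner, {}).items() if a > 0}

def attempt(token, caller, amount):
    """True if caller can move `amount` of alice's tokens, False if the allowance check refuses."""
    try:
        return token.transfer_from(caller, "alice", "pool_vault", amount)
    except PermissionError:
        return False

def walk_through():
    token = ERC20Model({"alice": 1000})                   # constructed sample balance
    token.approve("alice", "lending_pool", MAX_UINT256)   # typical 'unlimited' approval
    spent = attempt(token, "lending_pool", 200)           # within allowance -> True
    stranger = attempt(token, "unknown_contract", 1)      # never approved -> False
    exposed_before = token.outstanding_approvals("alice") # whole balance still reachable
    token.approve("alice", "lending_pool", 0)             # the revocation step
    after_revoke = attempt(token, "lending_pool", 1)      # old approval no longer works -> False
    return {"balance": token.balances["alice"], "spent": spent, "stranger": stranger,
            "exposed_before": exposed_before, "after_revoke": after_revoke,
            "exposed_after": token.outstanding_approvals("alice")}
```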

Response from Radiant Capital

In response to the incident, Radiant Capital has announced a reimbursement of $10 million to affected users. The platform has temporarily shuttered its markets on Base, another L2 of Ethereum, and its main network, which includes BSC and Arbitrum. Radiant Capital is collaborating with security firms such as SEAL911, Hypernative, ZeroShadow, and Chainalysis to investigate the breach and restore security measures.