Radiant Capital Publishes Post-Mortem of the Theft, Says It Will Identify the Attackers and Recover the Stolen Funds as Soon as Possible
BlockBeats News, October 18th: Radiant Capital published an official post-mortem on social media stating that the protocol suffered a highly complex security breach on the 16th, resulting in a loss of $50 million. The attackers injected advanced malware into the hardware wallets of multiple developers. During the intrusion, the frontend of Safe{Wallet} (also known as Gnosis Safe) displayed legitimate transaction data, while the poisoned transactions were signed and executed in the background. The breach occurred during the routine multisig emission adjustment process, which is conducted regularly to adapt to market conditions and utilization. DAO contributors strictly adhere to many industry-standard operating procedures throughout the process. Each transaction is simulated on Tenderly to ensure accuracy and is independently reviewed by multiple developers at each signature stage. During these reviews, no abnormalities were detected in the Tenderly or Safe frontend checks. To emphasize the point: this compromise could not be detected during manual review of the Gnosis Safe UI or during the Tenderly simulation stage of regular transactions, and this has been confirmed by external security teams. Radiant Capital states that it has been collaborating closely with Seal911 and Hypernative and has implemented stronger multisig controls. The FBI and zeroShadow are fully aware of the misconduct and are actively working to freeze all stolen assets. The DAO is deeply affected by this attack and will continue to work tirelessly with the relevant institutions to identify the attackers and recover the stolen funds as soon as possible.