在遭受損失約 5,800 萬美元的駭客攻擊後，Radiant Capital 恢復以太坊借貸市場

11 月 1 日，貸款協議表示已實施改進，包括將所有權轉移到時間鎖定合約。

Decentralized lending protocol Radiant Capital has announced the resumption of its Ethereum lending markets following an exploit that resulted in the theft of approximately $58 million in digital assets.

去中心化借貸協議 Radiant Capital 宣布恢復其以太坊借貸市場，此前該市場曾被利用，導致約 5,800 萬美元的數位資產被盜。

On Nov. 1, the lending protocol stated that it had implemented several improvements, including transferring ownership into a timelock contract. According to the Radiant Capital team, this measure enforces a mandatory 72-hour waiting period for any adjustments, enhancing Radiant’s security.

11 月 1 日，借貸協議表示已實施多項改進，包括將所有權轉移到時間鎖定合約。 Radiant Capital團隊表示，這項措施對任何調整強制執行72小時的等待期，從而增強了Radiant的安全性。

The team also implemented an emergency admin role governed by a multisignature structure. This role is designed to pause and unpause the lending protocol’s markets as needed.

該團隊還實施了由多重簽名結構管理的緊急管理角色。該角色旨在根據需要暫停和取消暫停借貸協議的市場。

Furthermore, its decentralized autonomous organization (DAO) has adjusted its multisignature security, reducing the number of required signers to seven and setting a four-out-of-seven signing threshold.

此外，其去中心化自治組織（DAO）調整了多重簽名安全性，將所需簽名者的數量減少到七個，並設定了七分之四的簽名閾值。

Multisignature wallets enhance security by requiring multiple signatures to execute or process crypto transactions. This setup eliminates the risk of a single point of failure associated with having only one private key.

多重簽名錢包透過要求多個簽名來執行或處理加密交易來增強安全性。此設定消除了與只有一個私鑰相關的單點故障風險。

The security enhancements follow an exploit that led to $58 million in digital asset losses. On Oct. 16, Radiant Capital halted its lending markets after a cybersecurity breach on BNB Chain and Arbitrum.

此次安全增強是在導致數位資產損失 5,800 萬美元的漏洞之後進行的。 10 月 16 日，Radiant Capital 在 BNB Chain 和 Arbitrum 發生網路安全漏洞後暫停了其借貸市場。

An attacker gained control of several signers’ private keys and smart contracts. This incident allowed the hackers to drain over $50 million in assets from the protocol.

攻擊者控制了多個簽署者的私鑰和智能合約。這起事件使駭客從協議中盜取了超過 5,000 萬美元的資產。

On Oct. 18, Radiant Capital confirmed in a post-mortem that the attackers had compromised the devices of at least three of its core developers by injecting malware.

10 月 18 日，Radiant Capital 在事後分析中證實，攻擊者透過注入惡意軟體破壞了至少三名核心開發人員的裝置。

Radiant Capital stated that the devices were compromised in a way where the front-end of their wallets displayed legitimate transaction data while malicious transactions were being signed and executed in the background.

Radiant Capital 表示，這些裝置受損的方式是，錢包前端顯示合法交易數據，而惡意交易則在後台簽署和執行。

In an X post, security professional Patrick Collins described the incident as a “$50 million lesson” that the decentralized finance (DeFi) space needs to remember. According to Collins, there is an educational or tooling gap in verifying transactions using hardware wallets.

在 X 貼文中，安全專業人士 Patrick Collins 將這一事件描述為去中心化金融 (DeFi) 領域需要記住的「價值 5000 萬美元的教訓」。柯林斯表示，使用硬體錢包驗證交易存在教育或工具差距。

Meanwhile, the Radiant Capital hacker has already moved about $52 million of the stolen funds from the incident. On Oct. 24, blockchain security firm PeckShield reported that the exploiter had already moved “nearly all” of the stolen funds.

與此同時，Radiant Capital 駭客已經轉移了該事件中約 5,200 萬美元的被盜資金。 10 月 24 日，區塊鏈安全公司 PeckShield 報告稱，攻擊者已經轉移了「幾乎所有」被盜資金。