Crypto security firm Ancilia landed itself in hot water after accidentally sharing a link pointing to a crypto wallet drainer in an attempt to aid users who lost funds in a $52 million exploit of lending protocol Radiant Capital.
Radiant Capital users were rushing to revoke permissions to prevent their funds from being stolen after the lending protocol was hacked on Oct. 16. The attackers made off with about $51.5 million in funds.
Pseudonymous crypto commentator Spreek shared a screenshot of Ancilia’s now-deleted post, which re-posted what they said was a “scam link” from an imposter Radiant X account.
Ancilia instructed Radiant Capital users trying to revoke their permissions on the exploited protocol to “please follow the link from this official message.”
The link led to a wallet drainer that would have siphoned the funds of any user who clicked on it and accepted the permissions.
The now-deleted tweet from Ancilia. Source: Spreek
“For fuck’s sake, if you are a ‘trusted’ security account, you need to absolutely make sure to never do this,” Spreek wrote in an X post.
Crypto security firm De.Fi alerted users of the Radiant Capital hack in an Oct. 16 X post saying that the attackers had altered the protocol’s smart contracts on BNB Smart Chain and Arbitrum.
The change in the smart contracts allowed the attackers to steal about $51.5 million in assets, including USD Coin (USDC), Wrapped BNB (WBNB) and Ether (ETH).
The security firm said that Radiant Capital was controlled by a multi-signature wallet with 11 signers. The hackers reportedly obtained access to three of the signers’ private keys, which allowed them to alter the protocol’s smart contracts and steal user funds.
Related: Scientists breach cryptographic algorithms with quantum computer
The attack marked the second time that Radiant has suffered an exploit this year. Radiant lost $4.5 million in January after hackers exploited a different flaw in its smart contracts.
Radiant said it was “aware of the issue” and was working with several security firms, including SEAL911, Hyperactive, ZeroShadow and Chainalysis, to resolve the problem.
In a later post to X, Radiant directed users to revoke smart contract permissions using an app called revoke.cash, which helps users cut ties between their wallets and smart contracts.
Source: Radiant Capital
Magazine: Fake Rabby Wallet scam linked to Dubai crypto CEO and many more victims