ChainCatcher news, according to Cointelegraph, Radiant Capital and two cybersecurity companies disclosed that after a cybersecurity breach exceeding $50 million occurred on the BNB Chain and Arbitrum, Radiant Capital has suspended its lending market.Web3 cybersecurity company De.Fi Antivirus stated on the X platform: "By exploiting the 'transferFrom' function on the BSC and ARB chains, the attacker targeted the Radiant Capital contract, stealing user funds including USDC, WBNB, ETH, and more. This attack resulted in approximately $58 million in stolen funds." This is in line with estimates from another cybersecurity company, Ancilia Inc., which estimated the losses to be around $50 million. Radiant is controlled by a multi-signature wallet, and the attacker gained control of the private keys of multiple signers, subsequently taking control of several smart contracts.Radiant stated in a post on the X platform: "We are aware of the issues with the Radiant lending market on the BNB Chain and Arbitrum. We are working with SEAL911, Hypernative, ZeroShadow, and Chainalysis and will provide updates as soon as possible. The markets on Base and the mainnet will be suspended until further notice."

ChainCatcher message, Shield posted on platform X stating that OnyxDAO has become the latest victim of a precision vulnerability attack, with losses exceeding 3.8 million dollars.It is reported that the attack originated from a known precision issue in the CompoundV2 fork code they used. The stolen assets include 4.1 million VUSD, 7.35 million XCN, 5,000 DAI, 0.23 WBTC, and 50,000 USDT. The attacker exploited an almost vacant market to manipulate the exchange rate, successfully stealing the funds.

ChainCatcher message, according to CertiK Alert monitoring, the crypto sector lost approximately $300.6 million in August due to vulnerabilities, hacking attacks, and scams, of which about $10.3 million has been recovered. This is the second highest monthly loss so far in 2024.Among them:Exit Scam: approximately $800,000Flash Loan: approximately $1.2 millionContract Vulnerability Attacks: approximately $308.8 million

ChainCatcher message, Velocore tweeted that they have identified the vulnerability attack mechanism and are establishing an on-chain negotiation process. Post-incident analysis is ongoing. They are tracking the attacker through the clues left behind.In addition, Velocore on the Telos mainnet was not affected, and the team is working with the foundation while functionalities are frozen.

ChainCatcher news, according to Cyvers Alerts monitoring, the on-chain token infrastructure protocol Hedgeyhas encountered the same vulnerability attack on Arbitrum, resulting in a loss of approximately 42.8 million dollars.Earlier news reported that the on-chain token infrastructure protocol Hedgey was attacked on the Ethereum chain today, with approximately 1.9 million dollars stolen.

ChainCatcher message, Prisma Finance has released a vulnerability attack analysis report, which indicates that vulnerabilities in the mkUSD and ULTRA contracts resulted in a loss of 3,257 ETH, worth approximately 11 million USD. The Prisma team is continuing to investigate and is working to communicate with the exploiters. Once we confirm that all funds are secure, we will lift the suspension of the protocol. Currently, about 20 addresses are still affected. Prisma Finance will make every effort to recover user funds and will keep you updated on the latest developments regarding the next steps.

ChainCatcher news, DeFi lending protocol Blueberry Protocol tweeted that it has encountered a vulnerability attack. The official statement indicates that the funds deposited by users are currently safe, and only three markets are affected. The team is communicating with security personnel and will attempt to contact the attacker to return the remaining 91 ETH.

ChainCatcher news, according to Cointelegraph, several security experts stated that the Web3 lending application and yield aggregator Wise Lending was hacked on January 12, resulting in the theft of 177 ETH, worth approximately $460,000. Blockchain security researcher Spreek speculated that the vulnerability might be related to a new Pendle Finance derivative token.Blockchain data shows that the attacker used an unverified address ending in d82c to steal the funds. Multiple tokens were transferred into this contract, including $9,000 worth of USDC, $2,000 worth of USDT, $5,000 worth of Dai, 18.51 WETH, and a large number of Pendle Finance-related tokens. As part of the exploit, the attacker borrowed 1,110 stETH from the Aave lending protocol, equivalent to approximately $2.9 million.

ChainCatcher news, according to The Block, the perpetual trading protocol Levana Protocol on the Osmosis blockchain has fallen victim to a vulnerability, resulting in a loss of over $1.1 million from its liquidity pool. Between December 13 and 26, attackers drained 10% of Levana's liquidity pool.Levana plans to compensate affected liquidity providers through airdrops and by distributing the protocol fees collected during the attack.

ChainCatcher news, the cross-chain DEX project Kyber Network announced on social media that it will provide a grant to each user affected by the vulnerability. It is currently finalizing the details of these financial grants and will announce them on December 20, 2023, at 22:00 Beijing time.Kyber Network has created a snapshot page that allows affected users to view the dollar value of their affected positions, including fees, recorded across all chains in the block before the vulnerability occurred.

ChainCatcher message, the Web3 anti-fraud platform Scam Sniffer indicates that there seem to be 515 tokens on the mainnet affected by vulnerabilities related to Thirdweb, of which 3 have been attacked. The attackers profited approximately $218,000.

ChainCatcher news, according to The Block, the Philippines-based crypto wallet provider Coins.ph seems to have suffered a vulnerability attack on Tuesday, resulting in the loss of over 12 million XRP tokens (approximately 6 million USD).An anonymous source revealed, "I was helping them deal with this matter at the time, so I can confirm this security incident." According to the blockchain explorer XRP Scan, within about 30 minutes, a so-called hacker exchanged 999,999.999 XRP 13 times, and also exchanged another batch of 200,000 XRP.After obtaining nearly 12.2 million XRP tokens, the hacker subsequently sent these coins through OKX, the European cryptocurrency exchange fiat trading platform WhiteBIT, the cross-chain exchange OrbitBridge, the cryptocurrency exchange SimpleSwap, two non-custodial exchanges ChangeNOW and Fixed Float, and other destinations.

News, October 3rd, according to monitoring by Spot on Chain, in the past 3 days, a total of 37,500 Ethereum (approximately 63.2 million USD) has been transferred from 3 addresses of FTX exploiters.Among them, 35,000 Ethereum (approximately 59 million USD) was transferred to Thorchain and Railgun contracts, possibly for money laundering; 2,500 Ethereum (approximately 4.19 million USD) was exchanged for 153.4 tBTC, with an average price of 27,281 USD each.FTX exploiters still hold 148,246 Ethereum (approximately 247 million USD) across 13 addresses.

ChainCatcher message, DeFi synthetic asset protocol Linear Finance stated that the Linear stablecoin LUSD is suspected to have encountered a vulnerability attack. During the team's investigation, please do not purchase LUSD and do not trade LUSD. Liquidation has been suspended, and user accounts will not face any risk. Further updates will follow.

ChainCatcher news, Slow Mist's Chief Information Security Officer 23pds stated that the Pegasus organization is attacking through a zero-click vulnerability in the iOS system. The attackers are using iMessage accounts to send malicious images as PassKit attachments to trigger the attack. The exploit chain has been made public, and Apple users can be infected without any click interaction. Apple has now released an emergency update.

ChainCatcher news, the DeFi liquidity protocol Balancer has released an update regarding vulnerability risks, stating that it has developed mitigation procedures to reduce risks, but the affected liquidity pools cannot be paused, urging users to exit the affected LPs immediately using the user interface (UI). Due to the vigilance and swift actions of Balancer LPs, the vast majority of liquidity initially deemed vulnerable has been withdrawn. However, on August 27, five days after the vulnerability disclosure, malicious actors successfully exploited a portion of the funds still vulnerable in the affected pools within the Balancer and Beethoven X protocols.In addition, the Balancer and Beethoven X communities are taking known measures to thoroughly investigate the situation and are actively collaborating with relevant partners, legal teams, and security experts to resolve the issues. User safety remains the highest priority; if the UI does not prompt users to exit the liquidity pool or allow users to enter the liquidity pool, then that pool is considered safe and without risk. Balancer stated that it is currently unable to disclose exact figures related to the losses and will remain vigilant, following up on the latest developments regarding the exploit. Until a comprehensive investigation is completed and a post-analysis is released, the information that can be shared with the community remains limited.

ChainCatcher news, according to a message released by CertiK's official Twitter, the Base ecosystem project RocketSwap has suffered a vulnerability attack. The attacker bridged the stolen assets to Ethereum, resulting in a loss of 471 ETH (approximately $868,000). Attacker address: 0x96c0876F573e27636612CF306C9db072d2B13DE8.