While Radiant Capital users tried to quickly revoke their permissions to protect their funds after the attack, this malicious link shared by Ancilia could have endangered users’ funds. This bug caused a huge stir in the crypto security world.

The incident occurred following the hack of Radiant Capital on October 16. Attackers seized approximately $51.5 million in funds using a flaw in the lending protocol.

While users were trying to revoke the permissions they gave to the platform in order to secure their wallets after the hack, the link shared by Ancilia directed users to a fake Radiant X account. The link belonged to a wallet drainer and could lead to the theft of funds for users who clicked and allowed it.

Crypto commentator Spreek, who goes by the pseudonym, noticed this mistake and shared a screenshot of Ancilia’s deleted post. Spreek said that the link sent by Ancilia was a scam link and asked users to be careful when trying to revoke their wallet permissions.

“If you are a security account, you should be careful not to make such a mistake,” Spreek warned in his post on the X platform. This situation caused Ancilia’s mistake as a security company to attract great reaction.

Ancilia had instructed Radiant Capital users by saying, “Please follow the link in this official message” when trying to revoke their permissions from the hacked protocol. However, the link led to a fraudulent link that would compromise users’ wallet permissions.

This created a risk that users’ funds could be stolen. In the world of cryptosecurity, such errors are extremely rare and can have major consequences, which is why Ancilia’s mistake caused a huge impact.

Following the incident, crypto security firm De.Fi alerted users on the

Thanks to this change to the protocol’s smart contracts, attackers seized assets worth approximately $51.5 million. The stolen assets included major digital assets such as USD Coin, Wrapped BNB (WBNB) and Ether.

According to the statements of security firm De.Fi, the Radiant Capital protocol was controlled by a multi-signature wallet with 11 signatories. Attackers gained access to the private keys of three of these signatories and thus stole user funds by modifying smart contracts.

This attack was the second major security breach Radiant Capital encountered this year. In January 2024, Radiant lost $4.5 million due to a similar deficit.

Radiant Capital stated that they were “aware of the problem” after the hacking incident and announced that they were trying to solve the problem by working with various security companies such as SEAL911, Hyperactive, ZeroShadow and Chainalysis.

Security companies are making intense efforts to compensate for the damages caused to users. Additionally, Radiant, in its post on the X platform, advised users to revoke their smart contract permissions with an application called revoke.cash. This application provides additional security by easily removing permissions between users’ wallets and smart contracts.