spherex Blog

The Cost of Complacency: What Radiant's Second Hack Teaches Us

4 min read ・ Oct 10, 2024 ・by Chris Kunze-Levy

Introduction

It’s the same story every time. Brilliant minds create a wonderful product that gains immense popularity. The market confirms their success: steadily growing acceptance, rising user numbers, and an ever-increasing TVL create the illusion that everything has been done right and that they are untouchable.

However, despite these figures supporting their confidence, they repeatedly fall for grand promises. They believe that auditing their smart contracts and subsequently relying on external monitoring will protect them from all dangers. This is a dangerous illusion.

One example is Radiant. In January 2024, the protocol fell victim to a smart contract attack, resulting in a loss of $4.3 million. Just a few days ago, it suffered another attack, this time resulting in a loss of $51 million, reportedly due to compromised keys.

Hackers invest millions to steal billions!

The hard truth is that experienced hackers constantly evolve their attacks. They do not solely rely on the success of their developed attack techniques. No two attacks are alike, especially against protocols that, after successful breaches, fail to implement further defensive measures or neglect to audit their smart contracts for newly recognized vulnerabilities, continuing to operate entirely unprotected as if nothing has happened.

It is entirely irrelevant how long a protocol has been active or how high its TVL is. In the past, we have seen many protocols fall into trouble in precisely this manner. For example, Platypus, PancakeBunny, and Pike were hacked just three months after their launch, and Deus was breached after only five months, to name just a few incidents.

The same applies to the myth that only large protocols with high TVLs, and therefore high losses, get hacked. For instance, Wise Lending experienced two hacks with relatively modest losses. The first hack resulted in a loss of $146,000, and the second involved $449,000. GoodDollar lost $620,000 in its first hack, while the bZx protocol recorded losses of $335,000 in its first hack and $660,000 in the second.

The paradox here is that monitoring services can even assist hackers in evolving their attack techniques, as they can be “misused” as a type of early warning system, providing hackers with valuable information and details during their attack preparation about where it would be worthwhile to strike. This diminishes external monitoring to overpriced “You got hacked” notification services.

Those who want to protect themselves and their customers must take action!

Returning to the case of Radiant, we will surely witness monitoring firms claiming that their services do not cover this type of attack and thus do not acknowledge any wrongdoing on their part, which is entirely correct.

But this also exposes the entire dilemma: relying on audits and external monitoring provides only an unreliable security cover, under the good faith belief that one has done something positive for their own safety.

Addressing a Call for Innovation in Blockchain Security

However, those who genuinely want to grow confidently and protect themselves, especially their customers, from all forms of attacks and loss mmes should immediately opt for a 360° security solution. A security solution that closes all gaps and vulnerabilities, leaving hackers no opportunity to cause harm, while also protecting against all internal and external operational failures.

spherex technologies offers precisely this security solution: 360° security through the combination of protocol runtime protection and real-time prevention, automatically reversing suspicious and malicious transactions before they can cause damage. This is complemented by internal and external monitoring, as well as an exclusive incident response service.

And the best part: this comprehensive service does not incur exorbitant costs or require countless extra working hours from the security team. Our competitive pricing and a service promise that entails little to no additional effort complete our offering.

Conclusion

About the author

Chris Kunze-Levy
Head of GTM and Partnerships

Chris is an expert in go-to-market strategies, sales, and intercultural communication, bringing over 25 years of experience in global B2B and B2C markets. Prior to joining spherex, Chris held leadership positions in Israeli fintech and cybersecurity companies. In 2023, he published his first book on negotiation techniques.
