Radiant Capital published a post reviewing the theft process, stating that it will identify the attacker and recover the stolen funds as soon as possible

BlockBeats news, on October 18, Radiant Capital officially posted a review on social media, saying that the protocol experienced a highly complex security vulnerability on the 16th, resulting in a loss of $50 million. The attacker exploited the hardware wallets of multiple developers through highly advanced malware injection.

During the intrusion, the front end of Safe{Wallet} (also known as Gnosis Safe) displayed legitimate transaction data, while the poisoned transactions were signed and executed in the background. This vulnerability occurred during the routine multi-signature emission adjustment process, which is performed regularly to adapt to market conditions and utilization. DAO contributors strictly adhere to many industry standard operating procedures throughout the process. Each transaction was simulated on Tenderly to ensure accuracy and was reviewed individually by multiple developers at each signing stage. During these reviews, front-end checks in Tenderly and Safe showed no abnormalities. To underscore the importance of this, this compromise was completely undetectable during manual review of the Gnosis Safe UI and Tenderly simulation stages of regular transactions, which has been confirmed by external security teams.

Radiant Capital said it has been working closely with Seal911 and Hypernative and has implemented stronger multi-signature controls. The FBI and zeroShadow are fully aware of the breach and are actively working to freeze all stolen assets. The DAO is deeply devastated by this attack and will continue to work tirelessly with the relevant authorities to identify the attacker and recover the stolen funds as quickly as possible.