Binance issues warning to Binance wallet users
Binance has issued an urgent alert to all Binance Wallet users following a hacker attack on decentralized finance (DeFi) platform Radiant Capital.
The attack, which occurred on October 16, resulted in the extraction of more than 50 million dollars from the BNB Smart Chain (BSC) and Arbitrum networks, exposing many users' wallets to vulnerabilities.
In response to the incident, Binance used its official X account to instruct users to quickly revoke permissions for certain contracts in their wallets.
The exchange identified contracts on the Ethereum, Arbitrum, BSC and Base networks that, if maintained, could be exploited by hackers. Binance highlighted the importance of removing these approvals as quickly as possible to prevent compromised contracts from continuing to move tokens without authorization.
Binance issues warning
The procedure that Binance mentioned involves using the BscScan Token Approval Checker. This is a tool that allows users to connect their Web3 wallets and view all contracts that are allowed to spend their tokens.
After reviewing these approvals, users can select the contracts they want to revoke. Then they must confirm the transaction to ensure that no one moves the tokens improperly.
In the statement, Binance explained that the attack on Radiant Capital happened through a “backdoor contract”, which the attackers implemented to exploit a vulnerability in the “transferFrom” function of a smart contract.
This function, common in the Ethereum ERC-20 standard, allows smart contracts to move tokens from one user's account to another. But this is only if the user has previously authorized the operation.
Hackers, taking advantage of this loophole, managed to drain Radiant Capital's funds without proper authorization from users. Radiant Capital, in turn, temporarily closed its markets on the Base, BSC and Arbitrum networks to contain the damage.
The company announced that it is working in partnership with security companies such as SEAL911 and Chainalysis to investigate the incident and strengthen its defenses against future attacks.
Furthermore, Binance reported that it has already started the refund process, making $10 million available to users affected by the attack. The platform reaffirmed its commitment to security, ensuring that it will continue to monitor the situation closely and provide guidance to protect its users' wallets.