Radiant Capital Hacker Transfers $52 Million in Stolen Funds to Ethereum

Highlights:

• PeckShield reports nearly all stolen funds from Radiant Capital moved to Ethereum.
• Radiant Capital lost over $50 million in a security breach on October 16.
• The platform’s total value locked dropped 66% to around $24 million.

In an Oct. 24 X post, blockchain security firm PeckShield reported that addresses linked to the hacker behind the recent theft from decentralized finance (DeFi) protocol Radiant Capital has moved “nearly all stolen funds” from Binance Smart Chain (BSC) and Arbitrum to the Ethereum network. Approximately 20,500 Ether, valued at around $52 million, was transferred. All efforts aimed to make the funds untraceable.

Criminals often move stolen funds to the Ethereum network and launder them through crypto mixers, making recovery harder. This method has been used in various crypto hacks this year, including WazirX, CoinStats, and Orbit Chain.

#PeckShieldAlert #RadiantCapital Exploiter -labeled addresses have bridged nearly all stolen funds from #Arbitrum and #BNBChain to #Ethereum, totaling ~20.5K $ETH (worth ~$52M). pic.twitter.com/JquCL84hZl

— PeckShieldAlert (@PeckShieldAlert) October 24, 2024

Radiant Capital Attack Analysis Report

In a post-mortem report released on October 18, Radiant Capital disclosed a $50 million loss due to a security breach that occurred on October 16. The company is working with blockchain security firms Chainalysis, SEAL911, Hypernative, and ZeroShadow to investigate the incident. U.S. law enforcement, including the FBI, is also involved and is working to freeze all stolen assets.

The report states that attackers deployed advanced malware to compromise the hardware wallets of three core developers. This breach affected the front-end transaction verification process. It allowed hackers to execute harmful transactions undetected, while users believed everything was operating normally.

On October 16, 2024, Radiant Capital experienced a highly sophisticated security breach that resulted in the loss of $50 million USD. The attackers exploited multiple developers' hardware wallets through a highly advanced malware injection.

The devices were compromised in such a…

— Radiant Capital (@RDNTCapital) October 18, 2024

On October 23, Radiant Capital urged users to secure their wallets by revoking approvals to compromised contracts on revoke.cash. The platform also provided a list of affected contracts for users to revoke access. 

The company noted:

“This is not optional—take one minute to protect your assets by visiting revoke.cash and removing any permissions to prevent further losses!” 

Radiant Capital Faces Second Major Exploit in 2024, TVL Drops 66%

Radiant Capital, a DeFi platform, enables users to earn interest and borrow assets across blockchains like Arbitrum, BNB, and Ethereum.  Since the exploit, its total value locked has dropped 66%, now standing at around $24 million, as reported by DefiLlama.

This marks Radiant’s second exploit in 2024. In January, the protocol suffered a $4.5 million loss in a flash loan attack, leading to a nearly 40% decline in its total value locked.

#PeckShieldAlert September 2024 saw 20+ hacks in the crypto space, leading to ~$120.23 million in losses. (Note: The $32.4 million worth of $spWETH drained in a Permit signature #phishing is not included)#Top 10 Hacks in September 2024:#BingX: $44 million#Penpie: $27 million… pic.twitter.com/t2YuvIds6u

— PeckShieldAlert (@PeckShieldAlert) October 1, 2024

Cybercriminals Keep Targeting Crypto Platforms

Hackers continue to exploit crypto platforms. Recently, Tapioca DAO, a decentralized money market protocol on LayerZero, faced a security breach that caused its native TAP token to lose over 90% of its value. The firm revealed that the hacker used social engineering tactics to deceive a team member on Discord into lowering security measures.

The attacker stole approximately $4,405,600, including $2.8 million in USDC and $1,575,606 in ETH from the USDO/USDC liquidity pair. The stolen funds were initially swapped for ETH, then converted to USDT, and finally bridged from Arbitrum to the BNB Chain, where they are currently held. Tapioca DAO has proposed a $1 million bounty to the attacker.

In September, crypto hacks resulted in losses exceeding $120 million, affecting platforms like BingX, Penpie, and Indodax. This figure represents a 61.76% decrease from August, with more than 20 hacks reported, according to PeckShield.