- Radiant Capital’s latest exploit saw $52M in stolen Ethereum, highlighting vulnerabilities in cross-chain DeFi platforms.
- Attackers used malware to compromise Radiant’s core developers, gaining control over the multi-signature wallet and funds.
- Radiant’s TVL dropped 66% after the $52M hack, as the DeFi platform works with the FBI to recover and secure user assets.
An estimated $52 million worth of Radiant Capital’s 20,500 ETH was stolen from its platform. According to a PeckShield investigation, the hackers moved the money they had stolen from Arbitrum and BNB Chain to Ethereum. These transactions, involving numerous wallets, funneled the Ether to addresses associated with the Radiant Capital Exploiter.
#PeckShieldAlert #RadiantCapital Exploiter -labeled addresses have bridged nearly all stolen funds from #Arbitrum and #BNBChain to #Ethereum, totaling ~20.5K $ETH (worth ~$52M). pic.twitter.com/JquCL84hZl
— PeckShieldAlert (@PeckShieldAlert) October 24, 2024
Malware Injection Compromises Core Developers’ Devices
Significantly, Radiant Capital’s October 16 incident was no regular smart contract breach. Instead, attackers used malware injections to compromise the devices of at least three core developers. This allowed them to gain control over the platform’s multi-signature wallet, resulting in a substantial loss of funds.
Moreover, the movement of stolen Ether occurred across a coordinated network of wallets, with individual transfers reaching millions of dollars. For instance, one wallet received $1,783,710.33 ETH, while another processed a staggering $4,794,345.57 ETH.
Radiant Capital’s Struggles Continue
This marks Radiant Capital’s second major exploit in 2024. In January, the platform lost $4.5 million to a flash loan attack. Since this most recent breach, the total value locked (TVL) on Radiant Capital has dropped by 66%, standing at $24 million, according to DefiLlama.
Additionally, cybercriminals often rely on Ethereum to obscure their funds by moving assets through mixers like Tornado Cash. PeckShield previously noted that hackers quickly swap to Ether to secure stolen assets before centralized token issuers or authorities take preventative actions.
Recovery and Security Measures Underway
The Radiant Capital team has enlisted the help of the FBI for its recovery efforts. Furthermore, they have urged users to revoke approvals for affected smart contracts to protect their funds. If users fail to follow these instructions, their wallets remain at risk.
Despite its efforts to recover, Radiant Capital’s recent spate of attacks exposes the increasing weaknesses in the decentralized finance (DeFi) industry. Hackers looking to take advantage of DeFi platforms are becoming more and more visible.