Radiant Capital hacker moves $52 million worth of stolen cryptocurrencies
PeckShield reported that this is the first stage of money laundering before moving them to a crypto mixer
24.10.2024 - 10:15
65
3 min
0
What’s new? Lending DeFi protocol hacker Radiant Capital moved almost all of the stolen funds in an attempt to hide its location. According to IS firm PeckShield, he moved nearly 20 500 ETH worth $52 million from Arbitrum and BNB Chain to Ethereum using cross-chain protocols on October 24.
What else is known? Radiant Capital was attacked on October 16, the same day the project suspended operations. On October 23, the project team reminded users to secure their wallets by revoking permissions to use the affected smart contracts. Otherwise, these funds could also be withdrawn.
The community initially believed that the hacker had committed a smart contract exploit, but an internal incident report states that the attacker compromised the hardware wallets of at least three core developers to gain control of the project’s multi-signature wallet.
He obtained three of the eleven private keys needed to update the protocol, allowing smart contracts to be modified on the Arbitrum and BNB Chain networks. During the attack, the hacker stole ETH, BNB, USDC stablecoins and other cryptocurrencies.
Media report on the mass employment of DPRK developers in crypto startups
Since at least 2018, North Koreans have been infiltrating companies to make money in the face of sanctions, as well as organizing hacks
After the hack, Radiant’s fake X accounts began distributing a malicious drainer link disguised as a link to a platform to revoke permissions for the wallet to interact with the protocol. Clicking on the malicious link threatens to empty the wallet. Notably, one such fake post was mistakenly reposted by IS company Ancilia.
Radiant Capital allows users to borrow and lend assets at interest on several blockchain networks, including Ethereum, BNB Chain, and Arbitrum. According to DefiLlama, the total value locked (TVL) of the project has dropped by 66% since the hack and is currently around $24 million.
This is not the first time Radiant Capital has been hacked this year. In January, the platform suspended its credit markets after a $4,5 million flash loan hack.
Hackers often use Ethereum as a starting point for laundering funds using crypto mixers such as Tornado Cash, which has been banned by US authorities. The same method was used this year in hacks of platforms WazirX, CoinStats, Orbit Chain, Pancake Bunny, Unizen, Penpie, and others.
US court denies Tornado Cash founder’s motion to dismiss criminal case
Roman Storm will face a jury trial on December 2, with three counts carrying a maximum penalty of 45 years in prison
PeckShield previously noted that a swift transfer of assets to Ethereum could help hackers secure their funds before authorities or centralized token issuers take any preventative measures.
According to the company, losses from crypto hacks in September exceeded $120 million, the second-highest result this year.
Useful material?
Technologies
Network fees will be integrated into the cost of swaps
Nov 22, 2024
Market
The company’s unrealized profits from investing in its first cryptocurrency approached $14 billion
Nov 19, 2024
Incidents
The search, the reason for which was not announced, took place a week after the election, the results of which Polymarket users predicted quite accurately
Nov 14, 2024
Market
Analysts point to the growing popularity of the first cryptocurrency as a safe haven asset
Nov 13, 2024
Market
The product will begin trading on the Swiss Exchange on November 19
Nov 12, 2024
Market
The company’s unrealized profits from investing in the first cryptocurrency approached $13 billion
Nov 12, 2024