Radiant Capital hacker moves $52 million worth of stolen cryptocurrencies
PeckShield reported that this is the first stage of money laundering before moving them to a crypto mixer
24.10.2024 - 10:15
87
3 min
0
What’s new? Lending DeFi protocol hacker Radiant Capital moved almost all of the stolen funds in an attempt to hide its location. According to IS firm PeckShield, he moved nearly 20 500 ETH worth $52 million from Arbitrum and BNB Chain to Ethereum using cross-chain protocols on October 24.
What else is known? Radiant Capital was attacked on October 16, the same day the project suspended operations. On October 23, the project team reminded users to secure their wallets by revoking permissions to use the affected smart contracts. Otherwise, these funds could also be withdrawn.
The community initially believed that the hacker had committed a smart contract exploit, but an internal incident report states that the attacker compromised the hardware wallets of at least three core developers to gain control of the project’s multi-signature wallet.
He obtained three of the eleven private keys needed to update the protocol, allowing smart contracts to be modified on the Arbitrum and BNB Chain networks. During the attack, the hacker stole ETH, BNB, USDC stablecoins and other cryptocurrencies.
Media report on the mass employment of DPRK developers in crypto startups
Since at least 2018, North Koreans have been infiltrating companies to make money in the face of sanctions, as well as organizing hacks
After the hack, Radiant’s fake X accounts began distributing a malicious drainer link disguised as a link to a platform to revoke permissions for the wallet to interact with the protocol. Clicking on the malicious link threatens to empty the wallet. Notably, one such fake post was mistakenly reposted by IS company Ancilia.
Radiant Capital allows users to borrow and lend assets at interest on several blockchain networks, including Ethereum, BNB Chain, and Arbitrum. According to DefiLlama, the total value locked (TVL) of the project has dropped by 66% since the hack and is currently around $24 million.
This is not the first time Radiant Capital has been hacked this year. In January, the platform suspended its credit markets after a $4,5 million flash loan hack.
Hackers often use Ethereum as a starting point for laundering funds using crypto mixers such as Tornado Cash, which has been banned by US authorities. The same method was used this year in hacks of platforms WazirX, CoinStats, Orbit Chain, Pancake Bunny, Unizen, Penpie, and others.
US court denies Tornado Cash founder’s motion to dismiss criminal case
Roman Storm will face a jury trial on December 2, with three counts carrying a maximum penalty of 45 years in prison
PeckShield previously noted that a swift transfer of assets to Ethereum could help hackers secure their funds before authorities or centralized token issuers take any preventative measures.
According to the company, losses from crypto hacks in September exceeded $120 million, the second-highest result this year.
Useful material?
Mining
The restrictions are designed to maintain the balance of energy consumption, taking into account the demands of the industry
Dec 24, 2024
Market
Due to supply shortages, the asset’s pre-market exchange rate was climbing above $1000
Dec 16, 2024
Incidents
Reports about the hacking of the exchange with calls to withdraw assets began to spread on December 13
Dec 13, 2024
Crypto regulations
Stablecoins from issuer Circle will not be affected by the changes
Dec 12, 2024
Crypto regulations
The platform will launch after meeting the preconditions of the local exchange authority
Dec 9, 2024
Market
The $1,1 billion figure was reached after the bitcoin correction
Dec 6, 2024