Radiant Capital hacker moves $52 million worth of stolen cryptocurrencies
PeckShield reported that this is the first stage of money laundering before moving them to a crypto mixer
24.10.2024 - 10:15
48
3 min
0
What’s new? Lending DeFi protocol hacker Radiant Capital moved almost all of the stolen funds in an attempt to hide its location. According to IS firm PeckShield, he moved nearly 20 500 ETH worth $52 million from Arbitrum and BNB Chain to Ethereum using cross-chain protocols on October 24.
What else is known? Radiant Capital was attacked on October 16, the same day the project suspended operations. On October 23, the project team reminded users to secure their wallets by revoking permissions to use the affected smart contracts. Otherwise, these funds could also be withdrawn.
The community initially believed that the hacker had committed a smart contract exploit, but an internal incident report states that the attacker compromised the hardware wallets of at least three core developers to gain control of the project’s multi-signature wallet.
He obtained three of the eleven private keys needed to update the protocol, allowing smart contracts to be modified on the Arbitrum and BNB Chain networks. During the attack, the hacker stole ETH, BNB, USDC stablecoins and other cryptocurrencies.
Media report on the mass employment of DPRK developers in crypto startups
Since at least 2018, North Koreans have been infiltrating companies to make money in the face of sanctions, as well as organizing hacks
After the hack, Radiant’s fake X accounts began distributing a malicious drainer link disguised as a link to a platform to revoke permissions for the wallet to interact with the protocol. Clicking on the malicious link threatens to empty the wallet. Notably, one such fake post was mistakenly reposted by IS company Ancilia.
Radiant Capital allows users to borrow and lend assets at interest on several blockchain networks, including Ethereum, BNB Chain, and Arbitrum. According to DefiLlama, the total value locked (TVL) of the project has dropped by 66% since the hack and is currently around $24 million.
This is not the first time Radiant Capital has been hacked this year. In January, the platform suspended its credit markets after a $4,5 million flash loan hack.
Hackers often use Ethereum as a starting point for laundering funds using crypto mixers such as Tornado Cash, which has been banned by US authorities. The same method was used this year in hacks of platforms WazirX, CoinStats, Orbit Chain, Pancake Bunny, Unizen, Penpie, and others.
US court denies Tornado Cash founder’s motion to dismiss criminal case
Roman Storm will face a jury trial on December 2, with three counts carrying a maximum penalty of 45 years in prison
PeckShield previously noted that a swift transfer of assets to Ethereum could help hackers secure their funds before authorities or centralized token issuers take any preventative measures.
According to the company, losses from crypto hacks in September exceeded $120 million, the second-highest result this year.
Useful material?
Market
1,5 million addresses have already left applications
Oct 31, 2024
Business
The company began investing in bitcoin in 2020, and since then, the value of its securities has risen by 1700%
Oct 30, 2024
Mining
The Deputy Energy Minister explained that in deficit regions, it is impossible to allocate large capacities for industry enterprises until 2030
Oct 30, 2024
Market
Customers will also be able to withdraw funds to bank accounts using cards
Oct 30, 2024
Mining
Blockware noted increased investor interest in this type of asset due to inflation concerns
Oct 29, 2024
Market
They will provide a single benchmark price for crypto assets across time zones in Asia
Oct 28, 2024