Radiant Capital hacker moves $52 million worth of stolen cryptocurrencies

PeckShield reported that this is the first stage of money laundering before moving them to a crypto mixer

24.10.2024 - 10:15

370

3 min

What’s new? Lending DeFi protocol hacker Radiant Capital moved almost all of the stolen funds in an attempt to hide its location. According to IS firm PeckShield, he moved nearly 20 500 ETH worth $52 million from Arbitrum and BNB Chain to Ethereum using cross-chain protocols on October 24.

Source: X.com

What else is known? Radiant Capital was attacked on October 16, the same day the project suspended operations. On October 23, the project team reminded users to secure their wallets by revoking permissions to use the affected smart contracts. Otherwise, these funds could also be withdrawn.

The community initially believed that the hacker had committed a smart contract exploit, but an internal incident report states that the attacker compromised the hardware wallets of at least three core developers to gain control of the project’s multi-signature wallet.

He obtained three of the eleven private keys needed to update the protocol, allowing smart contracts to be modified on the Arbitrum and BNB Chain networks. During the attack, the hacker stole ETH, BNB, USDC stablecoins and other cryptocurrencies.

Media report on the mass employment of DPRK developers in crypto startups

Since at least 2018, North Koreans have been infiltrating companies to make money in the face of sanctions, as well as organizing hacks

After the hack, Radiant’s fake X accounts began distributing a malicious drainer link disguised as a link to a platform to revoke permissions for the wallet to interact with the protocol. Clicking on the malicious link threatens to empty the wallet. Notably, one such fake post was mistakenly reposted by IS company Ancilia.

Radiant Capital allows users to borrow and lend assets at interest on several blockchain networks, including Ethereum, BNB Chain, and Arbitrum. According to DefiLlama, the total value locked (TVL) of the project has dropped by 66% since the hack and is currently around $24 million.

This is not the first time Radiant Capital has been hacked this year. In January, the platform suspended its credit markets after a $4,5 million flash loan hack.

Hackers often use Ethereum as a starting point for laundering funds using crypto mixers such as Tornado Cash, which has been banned by US authorities. The same method was used this year in hacks of platforms WazirX, CoinStats, Orbit Chain, Pancake Bunny, Unizen, Penpie, and others.

US court denies Tornado Cash founder’s motion to dismiss criminal case

Roman Storm will face a jury trial on December 2, with three counts carrying a maximum penalty of 45 years in prison

PeckShield previously noted that a swift transfer of assets to Ethereum could help hackers secure their funds before authorities or centralized token issuers take any preventative measures.

According to the company, losses from crypto hacks in September exceeded $120 million, the second-highest result this year.

Author: