Radiant Capital Hacker Moves $52M in Stolen Funds to Ethereum, PeckShield Reports

Radiant Capital Hacker Moves $52M in Stolen Funds to Ethereum, PeckShield Reports

Blockchain forensics firm PeckShield has identified that wallets connected to the Radiant Capital exploiter transferred $52 million worth of stolen funds into the Ethereum network.

In an October 24 post on X (formerly Twitter), PeckShield revealed that the hacker’s addresses had moved “nearly all of the stolen funds” from the layer 2 network Arbitrum and Binance’s BNB Chain into Ethereum. According to their analysis, the hacker managed to accumulate around 20,500 Ether, valued at approximately $52 million.

On October 16, Radiant Capital, a decentralized finance (DeFi) lending platform, suffered a significant breach, losing more than $50 million in a sophisticated malware attack that compromised the funds stored on Radiant Capital’s Arbitrum chain.

The post-mortem report on the incident disclosed that the attackers had successfully infiltrated the hardware wallets of at least three Radiant developers using a highly advanced malware injection. The team described it as “one of the most sophisticated hacks ever recorded in DeFi.”

It’s common for cybercriminals to transfer stolen funds into the Ethereum network before laundering them through a crypto mixer, making it exceedingly difficult to trace the transactions. This method has been frequently employed in various high-profile hacks this year, including those targeting platforms like WazirX, CoinStats, and Orbit Chain.

On October 23, Radiant Capital urged its users to secure their wallets by revoking approvals to the affected contracts via revoke.cash. The platform provided a list of contracts for users to check and warned, “This is not optional—take one minute to protect your assets by visiting revoke.cash and removing any permissions to prevent further losses!”

Despite the breach Radiant Capital, built on the LayerZero protocol, reassured its community that it is working diligently with security experts and law enforcement to track and freeze the stolen funds.

According to PeckShield’s data, September 2024 alone saw over $120 million in losses due to various crypto-related exploits. Other notable platforms impacted by these attacks included BingX, Penpie, and Indodax.