A hacker stole $53 million from cross-chain DeFi protocol Radiant Capital back in October 2024.
Ten months later, the perpetrator has nearly doubled their Ethereum stash.
Hacker’s Ethereum Windfall
According to the latest update by LookOnChain, the stolen 21,957 ETH has now been partially sold for profit. In fact, 9,631 ETH fetched approximately $43.94 million at an average price of $4,562.
The remaining 12,326 ETH is worth approximately $58.6 million, which brings the total holdings to $102.54 million – a profit of $49.5 million, or 48.5%.
Ethereum’s price surge has played a major role in boosting the value of the stolen funds from the Radiant Capital hack. At the time of the theft, ETH was trading near $2,500. Since then, the leading altcoin has seen a significant rally along with the rest of the crypto market, surging past $4,700 to mark a multi-year high.
Radiant Capital Heist
In its post-mortem report, the platform had said that it is working closely with US law enforcement, including the FBI. Later released findings from Radiant, supported by Web3 security firms including Mandiant, zeroShadow, Hypernative, and SEAL 911, pointed to a meticulously planned social engineering campaign that began more than a month before the breach.
The attackers leveraged Telegram to impersonate a trusted former contractor, thereby sending a booby-trapped file disguised as a smart contract auditing report. The file, in reality, delivered INLETDRIFT, a macOS backdoor malware capable of manipulating front-end transaction data.
This tactic exploited human trust as much as technical vulnerabilities, as developers unknowingly approved malicious transactions that appeared legitimate in simulations and verification tools.
Meanwhile, zeroShadow corroborated Radiant’s assessment and attributed the incident to North Korea-linked actors with “high confidence” based on both on-chain and off-chain indicators. The Web3 security firm had then noted,
“We have tracked the movements to Hyperliquid as stemming from Radiant users failing to revoke permissions, and not the initial incident’s stolen funds.”
The October breach was the second hack against Radiant in 2024. Earlier in January of that year, a smart contract flaw cost the DeFi platform $4.5 million.
Binance Free $600 (CryptoPotato Exclusive): Use this link to register a new account and receive $600 exclusive welcome offer on Binance (full details).
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!
