Connect with us

Hi, what are you looking for?

Radiant Capital
Radiant Capital

Business

Radiant Capital loses $50 million to a sophisticated North Korean cyberattack

North Korean hackers, posing as a former contractor, carried out a $50 million hack, as Radiant Capital announced in October. The attackers exploited malware embedded in a shared file to compromise developer devices and circumvent advanced security safeguards.

Radiant Capital, a decentralized finance platform, has acknowledged that a North Korean hacking squad was responsible for a $50 million system breach in October. The attackers impersonated a trusted former contractor and supplied malware disguised as a valid document, taking advantage of professional communication standards.

The attack started on September 11 when a Radiant developer received a Telegram message from someone pretending to be a former contractor. The communication contained a zip file masquerading as a request for comments on a new project. After sharing the file with additional developers, the imbedded malware infected many devices.

This infection allowed hackers to access private keys and smart contracts, leading to the October 16 vulnerability that forced the platform to halt its lending activities. Mandiant, Radiant’s cybersecurity partner, linked the attack to a North Korean entity named “UNC4736,” likely associated with the Lazarus entity.

The platform reported that the virus was sophisticated, operating undetected by mimicking normal functionality and carrying out harmful operations in the background. This deceit rendered the compromise unnoticed during routine security assessments, including those performed with advanced technologies such as Tenderly.

Radiant Capital admitted that, despite strict security mechanisms, such as the use of hardware wallets and transaction simulations, the attackers were able to defeat these safeguards. The breach emphasizes the critical need for more robust hardware-based solutions to validate transactions on a deeper level.

The attackers relocated the stolen cash, worth an estimated $52 million, on October 24. This is the second large attack on Radiant Capital this year, after a $4.5 million vulnerability in January. The platform’s total value locked in (TVL) has since dropped from more than $300 million to under $5.81 million.

Radiant’s experience highlights the growing threat of complex assaults on DeFi platforms, as well as the significance of constant innovation in security practices.

author avatar
Satpal S
Satpal is an Editor and Author at 4C Media Co, specializing in all stories and news related to crypto and finance.
Advertisement

You May Also Like

Cryptocurrency

The increasing prevalence of crypto hacks and regulatory pressures has sparked a surge in self-custody adoption, with investors turning to secure hardware wallets for...

Cryptocurrency

The SEC has filed an appeal, disputing a court decision that XRP sold to individual investors is not an unregistered security. The regulator claims...

Cryptocurrency

Donald Trump's crypto company, World Liberty Financial, made a bold $48 million Ether acquisition as the currency gains traction versus Bitcoin. The move has...

Cryptocurrency

President-elect Donald Trump is expected to sign an executive order, perhaps on his first day of office, making bitcoin a national priority. The move...

polkadot
Polkadot (DOT) $ 6.58 2.36%
bitcoin
Bitcoin (BTC) $ 107,568.82 2.71%
ethereum
Ethereum (ETH) $ 3,335.19 1.02%
cardano
Cardano (ADA) $ 1.06 0.27%
xrp
XRP (XRP) $ 3.29 4.77%
stellar
Stellar (XLM) $ 0.461259 0.10%
litecoin
Litecoin (LTC) $ 119.99 0.07%