As a seasoned crypto investor with a penchant for keeping my fingers on the pulse of the blockchain world, the recent revelation about the $50 million hack on Radiant Capital has left me both saddened and cautious. The intricate nature of this attack, involving malware distributed via Telegram and traced back to North Korea-aligned hackers, serves as a stark reminder that no platform is immune to cyber threats.
Recently, Radiant Capital disclosed fresh details concerning the hack on their decentralized finance (DeFi) platform back in October, which they believe was carried out by a cybergroup linked to North Korea.
The attackers gained access through an elaborate scheme involving malware distributed via Telegram.
$50M Radiant Capital DeFi Hack
On October 16, 2024, a security breach was uncovered, which led Radiant to collaborate with cybersecurity specialists such as Mandiant, zeroShadow, Hypernative, and SEAL 911 for investigation and damage control purposes.
As stated in the official blog post, the incident was traced back to September 11, 2024, when a Radiant developer was contacted via Telegram by someone pretending to be a previous contractor. The message, designed to seem harmless, asked for feedback on a supposed career-related PDF file related to smart contract auditing.
In this scenario, the sender successfully imitated a genuine website to avoid raising red flags. When the file labeled “Penpie_Hacking_Analysis_Report.zip” was unzipped, it secretly installed a malware called INLETDRIFT designed for macOS systems. This hidden threat communicated with an offsite server and disguised itself as an authentic PDF document to seem harmless.
Although Radiant followed strict security measures such as transaction simulations and payload verifications, the malware managed to bypass detection by tampering with the front-end data of transactions. Unaware of its malicious nature, developers approved these transactions, thinking they were genuine. The meticulous planning of the attackers made the intrusion almost impossible to detect during routine scans.
ZeroShadow, a company specializing in Web3 security, has echoed Radiant Capital’s findings, suggesting that the hack was orchestrated by entities linked to North Korea. On December 9, they issued a statement confirming this.
With a strong level of certainty, we believe North Korea (DPRK) was involved in the October 16 incident at Radiant Capital. This belief is supported by various pieces of evidence, both on and off the platform. The movements traced to Hyperliquid were due to Radiant users failing to revoke permissions, not because the funds initially stolen from the incident were transferred there.
Radiant’s TVL Down by Over 97% This Year
As a researcher, I’m currently exploring the landscape of decentralized finance, and one project that has caught my attention is Radiant Capital. This innovative platform offers lending and borrowing services in a decentralized manner, leveraging LayerZero technology to facilitate cross-chain capabilities. According to DefiLlama’s latest data, the Total Value Locked (TVL) in this protocol stands at approximately $6 million.
This year, Radiant has suffered more than one security breach. Back in January, a weakness in a smart contract was exploited, resulting in a loss of approximately $4.5 million. At that time, the platform’s Total Value Locked (TVL) exceeded $300 million, but since then, there has been a notable decrease in locked assets, even during the bull market, suggesting a significant reduction in TVL over the year.
Read More
- SUI PREDICTION. SUI cryptocurrency
- Skull and Bones: Players Demand Nerf for the Overpowered Garuda Ship
- ‘The Batman 2’ Delayed to 2027, Alejandro G. Iñarritu’s Tom Cruise Movie Gets 2026 Date
- Navigating Last Epoch: Tips for New ARPG Players
- Gaming News: Rocksteady Faces Layoffs After Suicide Squad Game Backlash
- RIF PREDICTION. RIF cryptocurrency
- Why Sona is the Most Misunderstood Champion in League of Legends
- League of Legends: The Mythmaker Jhin Skin – A Good Start or a Disappointing Trend?
- House Of The Dead 2: Remake Gets Gruesome Trailer And Release Window
- Tekken Servers Down? Players Speculate About Clive Nerfs and More
2024-12-10 01:36