The person behind the recent Radiant Capital exploit reportedly moved nearly all of the stolen cryptocurrency, worth around $52 million, from the Layer 2 network to Ethereum.
Blockchain security firm PeckShield shared this information on October 24th, further dimming hopes of recovering funds.
Attackers nearly completed bridging stolen funds
According to PeckShield, the attacker's on-chain footprint shows that they bridged approximately 20,500 ETH tokens from Arbitrum and Binance's BNB chains to Ethereum. The funds were part of an October 16 attack that compromised Radiant Capital's smart contracts.
Another blockchain security firm, Ancilia, first discovered this suspicious activity, which initially resulted in the loss of at least $18 million worth of crypto assets from Radiant's liquidity pool on the Binance network. The hackers then expanded their attack to a pool of decentralized finance (DeFi) protocols on Arbitrum, further compounding the losses.
Post-mortem analysis of the attack revealed that the perpetrators gained control by compromising the multi-signature wallet securing Radiant's funds. They were then able to obtain the private keys of 3 of the 11 signers, allowing them to upgrade and transfer ownership of the platform's contracts.
This allowed the attackers to drain several trading pools, including those holding popular assets such as USDC, USDT, wBTC, wETH, and BNB.
Are recovery efforts in jeopardy?
The October 16 incident is the second time hackers have targeted Radiant this year. In January, the DeFi platform lost $4.5 million due to vulnerabilities in smart contracts.
The company has since worked with US law enforcement agencies, including the FBI, and partnered with cybersecurity organizations such as SEAL911 and ZeroShadow to recover stolen funds.
However, the culprits' move to Ethereum suggests they may be trying to cover their tracks, making recovery efforts even more difficult. Additionally, Radiant acknowledged that given the sophistication of the execution, even the enhanced security measures it currently has in place may not have been sufficient to prevent the exploit.
Moving funds to Ethereum is often the last step before criminals launder stolen funds through cryptocurrency mixers like Tornado Cash. CryptoPotato has reported similar incidents in the past, including one where the infamous WazirX hacker stole $235 million in mid-July and then transferred the illegal profits in bulk.