Security

Radiant Capital Hacker Nearly Doubles Stolen Funds to $94 Million

A DeFi multisig exploit enabled a hacker to nearly double their illicit gains to $94 million through strategic on-chain asset trading, exposing persistent post-breach liquidity risks.
September 18, 20253 min

A translucent, faceted sphere, illuminated from within by vibrant blue circuit board designs, is centrally positioned within a futuristic, white, segmented orbital structure. This visual metaphor explores the intersection of advanced cryptography and distributed ledger technology
A futuristic, highly reflective blue structure, resembling a sophisticated protocol design, securely holds a smooth, white spherical object. This entire arrangement rests on a textured, light-toned surface, suggestive of a complex digital landscape

Briefing

The Radiant Capital protocol, previously impacted by a $53 million exploit in October 2024, is now facing a compounded threat as the attacker has successfully grown their illicit gains to approximately $94.63 million through sophisticated on-chain trading strategies. This significant increase, achieved by converting stolen assets into Ethereum and strategically trading against market volatility, underscores the long-term financial implications of security breaches beyond the initial theft. The protocol’s ongoing efforts to establish a Guardian Fund and plan for Q3/Q4 2025 user compensation highlight the persistent challenge of recovering and mitigating losses from compromised multisig wallets.

A close-up captures a futuristic, intricate digital mechanism, centered around a radiant blue, snowflake-like pattern within a dark hexagonal frame. Glowing blue lines illuminate its complex structure, emphasizing a core processing unit

Context

Prior to this incident, the DeFi landscape has consistently grappled with vulnerabilities stemming from complex smart contract interactions and centralized control points, such as multisignature wallets. The initial October 2024 exploit on Radiant Capital, specifically targeting its multisig wallet, exemplified a known class of attack where administrative key compromise or flawed access controls allow unauthorized fund transfers. This pre-existing attack surface, characterized by the inherent trust placed in key management, created the foundation for the subsequent strategic asset growth by the threat actor.

A white, high-tech module is shown partially separated, revealing glowing blue internal components and metallic rings. The detached front section features a circular opening, while the main body displays intricate, illuminated circuitry

Analysis

The incident’s technical mechanics involved a multi-stage process initiated by the compromise of Radiant Capital’s multisig wallet. Following the initial $53 million theft in October 2024, the attacker systematically converted the stolen assets, primarily into Ethereum (ETH) and DAI stablecoins. The core of the recent profit surge lies in the attacker’s calculated market maneuvers → selling ETH at higher prices (around $4,562) for DAI and then repurchasing ETH during price dips (around $4,096) using the accumulated DAI. This chain of cause and effect demonstrates a sophisticated understanding of market dynamics, leveraging the liquidity of the Ethereum ecosystem to amplify illicit gains, thereby exploiting the time-value of stolen assets.

A prominent white, multi-spherical and ring-shaped apparatus dominates the foreground, housing a vibrant cluster of deep blue, faceted crystalline structures. This central assembly is surrounded by an expansive, blurred background composed of countless intricate, interconnected metallic components, extending into the distance

Parameters

  • Protocol Targeted → Radiant Capital
  • Initial Financial Impact → $53 Million
  • Current Value of Stolen Funds → $94.63 Million
  • Attack Vector (Original) → Multisig Wallet Exploit
  • Attack Vector (Post-Exploit) → Strategic On-chain Asset Trading (ETH/DAI)
  • Blockchain(s) Involved → Arbitrum (original exploit), Ethereum (trading activity)
  • Hacker’s Current Holdings → 14,436 ETH and 35.29 Million DAI

A pristine white spherical device with a luminous blue central lens is depicted, partially encased within a shattered, ice-like structure. The fractured outer shell reveals the inner workings and the radiant blue light emanating from its core, symbolizing the intricate protocol architecture of an advanced Decentralized Autonomous Agent

Outlook

Immediate mitigation for users involves exercising extreme caution with any protocol-related communications and verifying official channels for compensation or security updates. The continued growth of stolen funds post-exploit poses a contagion risk, as it incentivizes similar long-term asset management strategies by other threat actors, potentially increasing market volatility from large-scale liquidation events. This incident will likely reinforce the need for enhanced post-breach monitoring capabilities, more robust multisig implementations, and the establishment of dedicated “Guardian Funds” or insurance mechanisms as new security best practices across DeFi protocols.

A striking abstract composition features a central bimodal spherical form, with its left half densely covered in numerous brilliant blue, faceted crystalline shapes. The right half reveals an intricate internal structure of thin white lines, small opaque white spheres, and clear bubble-like elements

Verdict

The Radiant Capital incident decisively illustrates that the financial impact of a security breach extends far beyond the initial theft, necessitating continuous threat intelligence and robust post-exploit asset tracking to mitigate compounding losses within the digital asset security landscape.

Signal Acquired from → CoinMarketCap

Micro Crypto News Feeds

market volatility

Definition ∞ Market Volatility signifies the degree of variation in trading prices over time, typically measured by the standard deviation of price changes.

multisig wallet

Definition ∞ A multisig wallet is a type of cryptocurrency wallet that requires multiple digital signatures from different private keys to authorize a transaction.

ethereum ecosystem

Definition ∞ The Ethereum ecosystem comprises the network of decentralized applications, smart contracts, developers, users, and infrastructure built upon the Ethereum blockchain.

capital

Definition ∞ Capital refers to financial resources deployed for investment, operational expenditure, or the facilitation of economic activity within the digital asset sector.

financial impact

Definition ∞ Financial impact describes the consequences of an event, decision, or technology on monetary values, asset prices, or economic activity.

stolen funds

Definition ∞ Stolen funds represent digital assets that have been unlawfully acquired from their rightful owners.

attack vector

Definition ∞ An attack vector is a pathway or method by which malicious actors can gain unauthorized access to a system or digital asset.

asset trading

Definition ∞ Asset trading involves the buying and selling of financial instruments or digital representations of value.

ethereum

Definition ∞ Ethereum is a decentralized, open-source blockchain system that facilitates the creation and execution of smart contracts and decentralized applications (dApps).

eth

Definition ∞ ETH is the native cryptocurrency of the Ethereum blockchain.

security

Definition ∞ Security refers to the measures and protocols designed to protect assets, networks, and data from unauthorized access, theft, or damage.

financial

Definition ∞ Financial refers to matters concerning money, banking, investments, and credit.

Tags:

Tags: