Skip to main content
Security

Radiant Capital Hacker Nearly Doubles Stolen Funds to $94 Million

A DeFi multisig exploit enabled a hacker to nearly double their illicit gains to $94 million through strategic on-chain asset trading, exposing persistent post-breach liquidity risks.
September 18, 20253 min

A futuristic, translucent blue spherical object, resembling a secure network node, features a prominent central display. This display presents a dynamic candlestick chart, showing real-time price action with distinct bullish blue and bearish red patterns, partially veiled by metallic grilles
A translucent blue, rectangular device with rounded edges is positioned diagonally on a smooth, dark grey surface. The device features a prominent raised rectangular section on its left side and a small black knob with a white top on its right

Briefing

The Radiant Capital protocol, previously impacted by a $53 million exploit in October 2024, is now facing a compounded threat as the attacker has successfully grown their illicit gains to approximately $94.63 million through sophisticated on-chain trading strategies. This significant increase, achieved by converting stolen assets into Ethereum and strategically trading against market volatility, underscores the long-term financial implications of security breaches beyond the initial theft. The protocol’s ongoing efforts to establish a Guardian Fund and plan for Q3/Q4 2025 user compensation highlight the persistent challenge of recovering and mitigating losses from compromised multisig wallets.

A central sphere comprises numerous translucent blue and dark blue cubic elements, interconnected with several matte white spheres of varying sizes via thin wires, all partially encircled by a large white ring. The background features a blurred dark blue with soft bokeh lights, creating an abstract, deep visual field

Context

Prior to this incident, the DeFi landscape has consistently grappled with vulnerabilities stemming from complex smart contract interactions and centralized control points, such as multisignature wallets. The initial October 2024 exploit on Radiant Capital, specifically targeting its multisig wallet, exemplified a known class of attack where administrative key compromise or flawed access controls allow unauthorized fund transfers. This pre-existing attack surface, characterized by the inherent trust placed in key management, created the foundation for the subsequent strategic asset growth by the threat actor.

Central to the image is a metallic core flanked by translucent blue, geometric components, all surrounded by a vibrant, frothy white substance. These elements combine to depict an intricate digital process

Analysis

The incident’s technical mechanics involved a multi-stage process initiated by the compromise of Radiant Capital’s multisig wallet. Following the initial $53 million theft in October 2024, the attacker systematically converted the stolen assets, primarily into Ethereum (ETH) and DAI stablecoins. The core of the recent profit surge lies in the attacker’s calculated market maneuvers ∞ selling ETH at higher prices (around $4,562) for DAI and then repurchasing ETH during price dips (around $4,096) using the accumulated DAI. This chain of cause and effect demonstrates a sophisticated understanding of market dynamics, leveraging the liquidity of the Ethereum ecosystem to amplify illicit gains, thereby exploiting the time-value of stolen assets.

A detailed view captures a gleaming, multi-layered metallic framework housing embedded radiant blue square panels and numerous scattered blue gems. Fine white bubbles intricately cover parts of the structure, creating a dynamic texture against the sharp, reflective surfaces

Parameters

  • Protocol Targeted ∞ Radiant Capital
  • Initial Financial Impact ∞ $53 Million
  • Current Value of Stolen Funds ∞ $94.63 Million
  • Attack Vector (Original) ∞ Multisig Wallet Exploit
  • Attack Vector (Post-Exploit) ∞ Strategic On-chain Asset Trading (ETH/DAI)
  • Blockchain(s) Involved ∞ Arbitrum (original exploit), Ethereum (trading activity)
  • Hacker’s Current Holdings ∞ 14,436 ETH and 35.29 Million DAI

A close-up view presents a central spherical construct composed of countless dark blue, geometrically faceted crystals, intensely glowing with bright blue light from within. This luminous sphere is encircled and connected by smooth, matte white orbital rings and smaller white spherical nodes, with similar, out-of-focus structures receding into the dark background

Outlook

Immediate mitigation for users involves exercising extreme caution with any protocol-related communications and verifying official channels for compensation or security updates. The continued growth of stolen funds post-exploit poses a contagion risk, as it incentivizes similar long-term asset management strategies by other threat actors, potentially increasing market volatility from large-scale liquidation events. This incident will likely reinforce the need for enhanced post-breach monitoring capabilities, more robust multisig implementations, and the establishment of dedicated “Guardian Funds” or insurance mechanisms as new security best practices across DeFi protocols.

Radiant blue crystals, reminiscent of abstract sapphires, burst outwards from a central, subtly patterned white sphere. A clean white band encircles this crystalline cluster, evoking a sense of structured movement

Verdict

The Radiant Capital incident decisively illustrates that the financial impact of a security breach extends far beyond the initial theft, necessitating continuous threat intelligence and robust post-exploit asset tracking to mitigate compounding losses within the digital asset security landscape.

Signal Acquired from ∞ CoinMarketCap

Micro Crypto News Feeds

market volatility

Definition ∞ Market Volatility signifies the degree of variation in trading prices over time, typically measured by the standard deviation of price changes.

multisig wallet

Definition ∞ A multisig wallet is a type of cryptocurrency wallet that requires multiple digital signatures from different private keys to authorize a transaction.

ethereum ecosystem

Definition ∞ The Ethereum ecosystem comprises the network of decentralized applications, smart contracts, developers, users, and infrastructure built upon the Ethereum blockchain.

capital

Definition ∞ Capital refers to financial resources deployed for investment, operational expenditure, or the facilitation of economic activity within the digital asset sector.

financial impact

Definition ∞ Financial impact describes the consequences of an event, decision, or technology on monetary values, asset prices, or economic activity.

stolen funds

Definition ∞ Stolen funds represent digital assets that have been unlawfully acquired from their rightful owners.

attack vector

Definition ∞ An attack vector is a pathway or method by which malicious actors can gain unauthorized access to a system or digital asset.

asset trading

Definition ∞ Asset trading involves the buying and selling of financial instruments or digital representations of value.

ethereum

Definition ∞ Ethereum is a decentralized, open-source blockchain system that facilitates the creation and execution of smart contracts and decentralized applications (dApps).

eth

Definition ∞ ETH is the native cryptocurrency of the Ethereum blockchain.

security

Definition ∞ Security refers to the measures and protocols designed to protect assets, networks, and data from unauthorized access, theft, or damage.

financial

Definition ∞ Financial refers to matters concerning money, banking, investments, and credit.

Tags:

Tags: