• Login
Crypto Newsmart
No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • ALTCOIN
    • ETEREUM
    • NFT’s
    • CRYPTO PRICE ANALYSIS
  • LEARN CRYPTO
  • CRYPTO EXCHANGES
  • BLOCKCHAIN
  • MINING
  • SCAM ALERT
  • PRESS RELEASE
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • ALTCOIN
    • ETEREUM
    • NFT’s
    • CRYPTO PRICE ANALYSIS
  • LEARN CRYPTO
  • CRYPTO EXCHANGES
  • BLOCKCHAIN
  • MINING
  • SCAM ALERT
  • PRESS RELEASE
No Result
View All Result
Crypto Newsmart
No Result
View All Result

Web3 Security Firms Confirm North Korea’s Role in Radiant Capital Hack

Crypto Newsmart by Crypto Newsmart
7 months ago
in Crypto Updates
Reading Time: 2 mins read
15
VIEWS
Share on Facebook
Web3 Security Firms Confirm North Korea’s Role in Radiant Capital Hack

Radiant Capital has revealed new findings about the $50 million hack targeting its decentralized finance (DeFi) platform in October, attributing the attack to a North Korea-aligned hacking group.

The attackers gained access through an elaborate scheme involving malware distributed via Telegram.

$50M Radiant Capital DeFi Hack

The breach, first discovered on October 16, 2024, prompted Radiant to partner with cybersecurity firms like Mandiant, zeroShadow, Hypernative, and SEAL 911 to investigate and mitigate the damage.

According to the official blog post, the attack was traced back to September 11, 2024, when a Radiant developer received a Telegram message from someone impersonating a former contractor. The message, crafted to appear harmless, requested feedback on a supposed career-related PDF file linked to smart contract auditing.

The sender convincingly spoofed a legitimate website, reducing suspicion. Once the file, titled Penpie_Hacking_Analysis_Report.zip, was opened, a macOS backdoor malware named INLETDRIFT was delivered. The malware communicated with an external server and appeared harmless by displaying a realistic PDF.

Despite Radiant’s adherence to rigorous security protocols, including transaction simulations and payload verifications, the malware evaded detection by manipulating front-end transaction data. Developers unknowingly signed off on malicious transactions, believing they were legitimate. The attackers’ planning rendered the intrusion nearly undetectable during routine checks.

zeroShadow, a Web3 security solutions provider, has also corroborated Radiant Capital’s assessment that the hack was the work of North Korea-linked actors. In a statement on December 9, the platform said,

“We also attribute the Radiant Capital October 16 incident to DPRK with high confidence based on multiple indicators that we have gathered on and off chain. We have tracked the movements to Hyperliquid as stemming from Radiant users failing to revoke permissions, and not the initial incident’s stolen funds.”

Radiant’s TVL Down by Over 97% This Year

Radiant Capital is a decentralized lending and borrowing protocol that integrates cross-chain capabilities through the use of LayerZero technology. DefiLlama’s latest figures place its total value locked (TVL) at a little over $6 million.

The October 16 hack is not the first time Radiant has been compromised this year. Back in January, a smart contract vulnerability was exploited, costing the platform $4.5 million, during which its TVL was significantly higher, surpassing $300 million, highlighting a significant decline in locked assets over the course of the year despite the bull run.

SPECIAL OFFER (Sponsored)

Binance Free $600 (CryptoPotato Exclusive): Use this link to register a new account and receive $600 exclusive welcome offer on Binance (full details).

LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!



Source link

Related Posts

Ethereum Price Prediction: ,000 Target Returns Amid Multi-Cycle Ascending Channel – Is ETH Ready?
Crypto Updates

Ethereum Price Prediction: $10,000 Target Returns Amid Multi-Cycle Ascending Channel – Is ETH Ready?

30 June 2025
US Treasury may publish report on federal Bitcoin holdings report: Bo Hines
Crypto Updates

US Treasury may publish report on federal Bitcoin holdings report: Bo Hines

27 June 2025
In Exactly How Much Trouble is the Ethereum Price Right Now? Analyst Weighs In
Crypto Updates

In Exactly How Much Trouble is the Ethereum Price Right Now? Analyst Weighs In

24 June 2025
AI Predicts 2026 Crypto Sector Surge as DePIN, RWA, SocialFi Steal Spotlight
Crypto Updates

AI Predicts 2026 Crypto Sector Surge as DePIN, RWA, SocialFi Steal Spotlight

21 June 2025
JPMorgan Chase to pilot JPMD deposit token on Coinbase’s Base
Crypto Updates

JPMorgan Chase to pilot JPMD deposit token on Coinbase’s Base

18 June 2025
Shaquille O’Neal Agrees to .8M Settlement Over FTX Endorsement Lawsuit
Crypto Updates

Shaquille O’Neal Agrees to $1.8M Settlement Over FTX Endorsement Lawsuit

15 June 2025

[convertful id="153816"]

by CurrencyRate.Today
  • Home
  • Disclaimer
  • Privacy Policy
  • Digital Millennium Copyright Act Policy (DMCA)
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us
CRYPTO NEWSMART

Copyright © 2021 Crypto Newsmart.

No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • ALTCOIN
    • ETEREUM
    • NFT’s
    • CRYPTO PRICE ANALYSIS
  • LEARN CRYPTO
  • CRYPTO EXCHANGES
  • BLOCKCHAIN
  • MINING
  • SCAM ALERT
  • PRESS RELEASE

Copyright © 2021 Crypto Newsmart.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Manage Cookie Consent

We use cookies to optimise our website and our service.

Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Preferences
{title} {title} {title}