The person behind the recent Radiant Capital exploit has moved almost all of the stolen crypto, valued at around $52 million, from Layer-2 networks to Ethereum.
Blockchain security firm PeckShield shared the information on October 24, further reducing hopes of recovering the funds.
The attacker has almost finished moving the stolen funds
According to PeckShield, the attacker’s on-chain footprint showed that they had bridged around 20,500 ETH from Arbitrum and Binance’s BNB Chain to Ethereum. The funds were part of the October 16 attack that compromised Radiant Capital’s smart contracts.
Another blockchain security company, Ancilia Inc., was the first to spot the suspicious activity, which initially led to the loss of at least $18 million in crypto assets from Radiant’s liquidity pool on the Binance network. The hacker then extended the attack to the decentralized finance (DeFi) protocol on Arbitrum, increasing the losses even further.
A post-mortem of the attack showed that the perpetrator gained control by compromising a multi-signature wallet securing Radiant’s funds. They were then able to obtain the private keys of three out of eleven signatories, giving them the ability to update platform contracts and transfer ownership.
This allowed the bad actor to drain several trading pools, including those holding popular assets such as USDC, USDT, wBTC, wETH, and BNB.
Are recovery efforts in jeopardy?
The October 16 incident is the second time hackers have targeted Radiant this year. In January, the DeFi platform lost $4.5 million due to a vulnerability in its smart contract.
The company has since engaged with US law enforcement, including the FBI, and partnered with cybersecurity outfits like SEAL911 and ZeroShadow in an attempt to recover the stolen money.
However, the thief’s move to Ethereum suggests they may be trying to hide their tracks, making recovery efforts that much more difficult. Furthermore, Radiant has admitted that given the sophistication of the execution, even the increased security measures it has now put in place may not have been enough to prevent the exploit.
Transferring funds to Ethereum is often the last step before criminals launder the stolen money using crypto mixers like Tornado Cash. CryptoPotato has reported such incidents in the past, including the infamous $235 million WazirX hack, whose ill-gotten gains have been transferred in batches since they were stolen in mid-July.