Capital funds under Radiant Capital's management undergo a change, as 13 million dollars' worth of Ethereum (ETH) is exchanged for DAI.
North Korean Hackers Steal $53 Million from Radiant Capital in Cryptocurrency Heist
In a significant cyber attack, a North Korea-linked hacking group known as AppleJeus targeted Radiant Capital, stealing $53 million in cryptocurrency assets in October 2024. The attack was a combination of social engineering and malware, making it a sophisticated and prolonged operation.
The hackers impersonated a former contractor via a Telegram message and sent a malicious zip file disguised as a PDF. The file contained macOS-specific malware called INLETDRIFT, which compromised the core team’s private keys and enabled the attackers to siphon tokens from lending pools on platforms including Arbitrum and Binance Smart Chain (BSC).
The malware also allowed for blind signing of malicious smart contract transactions, manipulating Radiant Capital’s operations. The attack resulted in the theft of significant amounts of Ethereum (ETH) and Binance Coin (BNB), totaling 12,835 ETH and 32,113 BNB among other assets.
After the theft, the hackers strategically converted and traded the stolen funds, initially converting them into about 21,957 ETH (valued at roughly $53 million in October 2024) and subsequently increasing the value to around $94 million through careful trading and holding during Ethereum’s price rise.
The AppleJeus group is known for their sophisticated, prolonged social engineering attacks, often building trust with targets before deploying malware. This makes them a notable threat in the DeFi and cryptocurrency space.
A post-mortem report by cybersecurity firm Mandiant, commissioned by Radiant Capital, links the hackers responsible for the Radiant Capital attack to North Korea. However, it is not specified in the article whether the four North Korean hackers busted by the Department of Justice in connection with a $900,000 crypto theft are connected to the Radiant Capital hack.
The details of the $900,000 crypto theft case are not provided in the article, and there is no information about any specific actions taken by Radiant Capital in response to the hack. The impact of the Radiant Capital hack on the affected crypto companies is also not detailed in the article.
- The stolen cryptocurrency assets, worth around $94 million, were strategically converted and traded during Ethereum's price rise, demonstrating the hackers' understanding of the crypto market and blockchain technology.
- The malware used in the attack, INLETDRIFT, was specifically designed to compromise the team's private keys and manipulate smart contract transactions on decentralized exchanges (DEXs) such as Arbitrum and Binance Smart Chain (BSC).
- Binance Coin (BNB) was among the assets stolen during the heist, alongside significant amounts of Ethereum (ETH), highlighting the vulnerability of cryptocurrency wallets and the potential risks associated with DeFi and crypto technology.
- AppleJeus, the hacking group responsible for the attack, has displayed prowess as a cybersecurity threat, using social engineering tactics to gain trust and subsequently deploy malware, which positions it as a significant threat in the DeFi and cryptocurrency sector.
- Radiant Capital, in the aftermath of the heist, may consider implementing enhanced cybersecurity measures, including multi-factor authentication for wallet access and thorough verification processes for any communication channels, to mitigate future attacks on their blockchain assets and crypto holdings.