{"id":7546,"date":"2025-08-12T12:53:29","date_gmt":"2025-08-12T12:53:29","guid":{"rendered":"https:\/\/bitunikey.com\/news\/radiant-capital-hack-funds-shift-as-13m-in-eth-swapped-for-dai\/"},"modified":"2025-08-12T12:53:30","modified_gmt":"2025-08-12T12:53:30","slug":"radiant-capital-hack-funds-shift-as-13m-in-eth-swapped-for-dai","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/radiant-capital-hack-funds-shift-as-13m-in-eth-swapped-for-dai\/","title":{"rendered":"Radiant Capital hack funds shift as $13m in ETH swapped for DAI"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">The hackers behind Radiant Capital have made their first major move in months, offloading an additional $13 million in Ethereum.<\/p>\n<div id=\"cn-block-summary-block_d777a095788c36e8cb657203a2e6bac4\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Radiant Capital hackers cash out $13M ETH<\/li>\n<li>Hackers used sophisticated malware and social engineering<\/li>\n<li>North Korean-linked hackers likely behind the attack<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>What was once called one of the most sophisticated hacks in DeFi continues to unfold. On Tuesday, August 12, blockchain security firm Onchain Lens reported that the hackers behind Radiant Capital converted an additional 3,091 Ethereum (ETH) into 13.26 million USD-pegged DAI stablecoins. The hackers then moved the DAI to another wallet.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Radiant Capital (<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/RDNTCapital?ref_src=twsrc%5Etfw\" target=\"_blank\">@RDNTCapital<\/a>) Exploiter sold 3,091 <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24ETH&amp;src=ctag&amp;ref_src=twsrc%5Etfw\" target=\"_blank\">$ETH<\/a> for 13.26M <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24DAI&amp;src=ctag&amp;ref_src=twsrc%5Etfw\" target=\"_blank\">$DAI<\/a> at a price of $4,291 and transferred the <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24DAI&amp;src=ctag&amp;ref_src=twsrc%5Etfw\" target=\"_blank\">$DAI<\/a> to another wallet.<\/p>\n<p>The platform was hacked for $53M on October 17, 2024.<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/Hp8rEBFegT\" target=\"_blank\">https:\/\/t.co\/Hp8rEBFegT<\/a> <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/5OOIlwix59\" target=\"_blank\">https:\/\/t.co\/5OOIlwix59<\/a> <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/OW8EwNDVFO\" target=\"_blank\">pic.twitter.com\/OW8EwNDVFO<\/a><\/p>\n<p>\u2014 Onchain Lens (@OnchainLens) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/OnchainLens\/status\/1955210510842151134?ref_src=twsrc%5Etfw\" target=\"_blank\">August 12, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p>Hackers obtained the 3,091 ETH in a major exploit on October 17, 2024, which cost the platform and its users $53 million. Hackers stole various crypto assets across Arbitrum and BSC. Immediately after the breach, hackers <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/OnchainLens\/status\/1846724390899405055\" target=\"_blank\">converted<\/a> the stolen crypto into 12,835 ETH, worth $33.56 million at the time, and 32,113 BNB (BNB), worth $19.35 million. <\/p>\n<p>Interestingly, the latest sale of $13 million worth of ETH barely made any impact on the market. This suggests that the sophisticated hackers are aware of the impact of liquidity on their sales, and may be looking for the best moment to offload funds. <\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">Radiant Capital hackers tied to North Korea<\/h2>\n<p>According to a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/medium.com\/@RadiantCapital\/radiant-capital-incident-update-e56d8c23829e\" target=\"_blank\">post-mortem report<\/a> by cybersecurity firm Mandiant, commissioned by Radiant Capital, the hackers had ties to North Korea. Specifically, Mandiant attributed the attack to the AppleJeus hacking group, affiliated with the DPRK regime.<\/p>\n<p>North Korean hackers are known for engineering sophisticated attacks. In the Radiant Capital case, they used a mix of social engineering and malware to create a backdoor into developers\u2019 devices.<\/p>\n<p>The attackers impersonated a former contractor via Telegram to deliver a zip file, supposedly containing a PDF. In reality, the file contained macOS malware that enabled blind signing of malicious smart contract transactions.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The hackers behind Radiant Capital have made their first major move in months, offloading an additional $13 million in Ethereum. Summary Radiant Capital hackers cash out $13M ETH Hackers used&hellip;<\/p>\n","protected":false},"author":1,"featured_media":2659,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7546","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/7546","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=7546"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/7546\/revisions"}],"predecessor-version":[{"id":7547,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/7546\/revisions\/7547"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/2659"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=7546"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=7546"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=7546"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}