Originally published on: December 09, 2024
Radiant Capital recently unveiled shocking details of a $50 million hack on its decentralized finance (DeFi) platform in October. The attack, orchestrated by a North Korea-aligned hacker posing as an ex-contractor, involved the distribution of malware through Telegram.
According to Radiant’s update on December 6, their cybersecurity firm Mandiant confirmed that the attack originated from a Democratic People’s Republic of Korea (DPRK)-nexus threat actor. The incident unfolded after a Radiant developer received a Telegram message containing a zip file from a trusted former contractor. Little did they know, the file harbored malware that facilitated the intrusion.
The DeFi platform was forced to suspend its lending markets on October 16 when the hacker gained control of private keys and smart contracts. North Korean hacker groups have a history of targeting crypto platforms, having stolen a staggering $3 billion in crypto between 2017 and 2023.
Radiant Capital explained that the file appeared legitimate as requests to review PDFs are common in professional settings. The attackers even went to the extent of spoofing the contractor’s website domain to avoid suspicion. Multiple developer devices were compromised, and malicious transactions went undetected due to sophisticated deception tactics.
The threat actor behind the attack, identified as “UNC4736” or “Citrine Sleet,” is associated with North Korea’s Reconnaissance General Bureau. Despite Radiant’s robust security measures, the hackers executed the attack flawlessly, underscoring the need for stronger hardware-level solutions in the crypto space.
This incident serves as a costly lesson for the DeFi sector, highlighting the vulnerability of even the most stringent security protocols. Radiant Capital’s total value locked has plummeted following this attack, signaling the urgent need for heightened security measures in the industry.
As the DeFi landscape evolves, it is crucial for platforms to remain vigilant against sophisticated threats and prioritize the development of advanced security solutions to safeguard users’ assets.