The $50 Million Deception: Radiant Capital Falls Victim to DPRK Cyber Heist

Key Takeaways

  • Radiant Capital lost $50 million in one of DeFi’s most advanced breaches, linked to North Korean cyber operatives;
  • Hackers used fake zip files to plant malware, bypassing macOS security and web3 tools like Tenderly;
  • Traditional security measures proved ineffective in countering this cyberattack's advanced techniques.

Radiant Capital, a decentralized finance (DeFi) protocol, has attributed a $50 million breach to a cyberattack linked to hackers from the Democratic People’s Republic of Korea (DPRK).

The announcement came after Radiant Capital enlisted cybersecurity specialists Mandiant to investigate the breach. Mandiant strongly accused a DPRK-affiliated hacking group of orchestrating the operation.

The attack’s origins trace back to September, when one of Radiant’s developers was contacted by an individual posing as a former contractor trusted by the team.

The fraudster presented the developer with a zip file, claiming it contained a new project requiring feedback. Once shared within the developer community, the file deployed advanced malware onto the systems.

This malicious software not only gained backdoor access to macOS devices but also cleverly displayed a genuine-looking PDF to avoid suspicion. The hackers' technical skills allowed the malware to communicate with a domain name that appeared harmless, ensuring its covert operations.

The attackers leveraged this malware to compromise several devices, bypassing multiple layers of security provided by Tenderly, a web3 infrastructure provider.

According to Radiant Capital’s detailed post-mortem, the malware’s payload included a deceptive AppleScript that enabled seamless transaction manipulation. Tenderly’s tools, which typically simulate transactions and verify payload data, failed to detect any abnormalities during these checks.

Despite adhering to best practices and security procedures, Radiant’s team admitted that the deceptive methods used in the attack rendered traditional safeguards ineffective.

According to the company, this exploit, executed in October, stands out as one of the most complex incidents in DeFi history.

While the Radiant Capital hack highlights the audacity of DPRK’s cyber tactics, it’s only the tip of the iceberg. Recently, North Korea’s cyber army has quietly infiltrated global IT networks. How did they pull it off? Read the full story.

Aaron S. Editor-In-Chief
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
