{"id":33366,"date":"2024-12-09T14:00:30","date_gmt":"2024-12-09T11:00:30","guid":{"rendered":"https:\/\/coinengineer.net\/blog\/?p=33366"},"modified":"2024-12-09T12:29:19","modified_gmt":"2024-12-09T09:29:19","slug":"defi-platform-radiant-capital-cyberattack","status":"publish","type":"post","link":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/","title":{"rendered":"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack"},"content":{"rendered":"<p>Radiant Capital has disclosed details of the October <a href=\"https:\/\/coinengineer.net\/blog\/meme-coin-boge-suffers-cyberattack-price-crashes-by-over-90\/\">cyberattack<\/a> that resulted in $50 million in losses. The attack was orchestrated by a North Korea-linked hacker group that exploited Telegram to deliver a malicious file.<\/p>\n<p>In a statement on December 6, Radiant Capital identified the threat actor as &#8220;UNC4736,&#8221; also known as &#8220;Citrine Sleet,&#8221; which operates under North Korea\u2019s Reconnaissance General Bureau (RGB).<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_71 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#How_the_Cyberattack_Unfolded\" title=\"How the Cyberattack Unfolded\">How the Cyberattack Unfolded<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#Impact_of_the_Hack\" title=\"Impact of the Hack\">Impact of the Hack<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#North_Koreas_Growing_Role_in_Crypto_Hacks\" title=\"North Korea\u2019s Growing Role in Crypto Hacks\">North Korea\u2019s Growing Role in Crypto Hacks<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"How_the_Cyberattack_Unfolded\"><\/span><strong>How the Cyberattack Unfolded<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The attack began on September 11 with a malicious ZIP file sent to a Radiant developer. Disguised as a legitimate message from a former contractor, the file built trust to bypass initial suspicion. Radiant Capital later determined that the file was crafted by North Korean threat actors.<\/p>\n<p>The malware spread as it was shared among developers, infecting multiple devices. It conducted malicious activities in the background while presenting a normal interface to users.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Impact_of_the_Hack\"><\/span><strong>Impact of the Hack<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li><strong>Lending Services Suspended<\/strong>: Radiant halted lending operations on October 16.<\/li>\n<li><strong>Funds Stolen<\/strong>: $52 million was transferred on October 24.<\/li>\n<li><strong>Platform Value Drop<\/strong>: Radiant&#8217;s total value locked (TVL) plummeted from $300 million at the start of 2023 to just $5.81 million.<\/li>\n<li><strong>Attribution<\/strong>: Security firm Mandiant attributed the attack to North Korean actors with high confidence.<\/li>\n<\/ul>\n<p>Radiant Capital emphasized the sophistication of the attack, noting that &#8220;traditional security measures, simulations, and even hardware wallets were insufficient to counter the threat.&#8221;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"North_Koreas_Growing_Role_in_Crypto_Hacks\"><\/span><strong>North Korea\u2019s Growing Role in Crypto Hacks<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Since 2017, North Korea-linked hacker groups have stolen an estimated $3 billion worth of cryptocurrencies through attacks on crypto platforms. The group behind the Radiant Capital hack is reportedly associated with the infamous Lazarus Group.<\/p>\n<p>For the latest cryptocurrency insights and updates,<a href=\"https:\/\/t.me\/coinengineernews\"><strong> click now<\/strong><\/a> and stay informed!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Radiant Capital has disclosed details of the October cyberattack that resulted in $50 million in losses. The attack was orchestrated by a North Korea-linked hacker group that exploited Telegram to deliver a malicious file. In a statement on December 6, Radiant Capital identified the threat actor as &#8220;UNC4736,&#8221; also known as &#8220;Citrine Sleet,&#8221; which operates<\/p>\n","protected":false},"author":2,"featured_media":9128,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[393,6458,93,3369],"class_list":["post-33366","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-news","tag-crypto","tag-cyberattack","tag-defi","tag-radiant-capital"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack - Coin Engineer<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack - Coin Engineer\" \/>\n<meta property=\"og:description\" content=\"Radiant Capital has disclosed details of the October cyberattack that resulted in $50 million in losses. The attack was orchestrated by a North Korea-linked hacker group that exploited Telegram to deliver a malicious file. In a statement on December 6, Radiant Capital identified the threat actor as &#8220;UNC4736,&#8221; also known as &#8220;Citrine Sleet,&#8221; which operates\" \/>\n<meta property=\"og:url\" content=\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/\" \/>\n<meta property=\"og:site_name\" content=\"Coin Engineer\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-09T11:00:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-09T09:29:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1140\" \/>\n\t<meta property=\"og:image:height\" content=\"760\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Yunus Ta\u015fl\u0131\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Yunus Ta\u015fl\u0131\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/\",\"url\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/\",\"name\":\"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack - Coin Engineer\",\"isPartOf\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg\",\"datePublished\":\"2024-12-09T11:00:30+00:00\",\"dateModified\":\"2024-12-09T09:29:19+00:00\",\"author\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/3b5f1d8348693fca419229a65d8cf4b3\"},\"breadcrumb\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#primaryimage\",\"url\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg\",\"contentUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg\",\"width\":1140,\"height\":760,\"caption\":\"Radiant Capital\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/coinengineer.net\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\",\"url\":\"https:\/\/coinengineer.net\/blog\/\",\"name\":\"Coin Engineer\",\"description\":\"Btc, Coins, Pre-Sale, DeFi, NFT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/coinengineer.net\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/3b5f1d8348693fca419229a65d8cf4b3\",\"name\":\"Yunus Ta\u015fl\u0131\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3b7beb9215ebe43d2161c0de485eca68dcd10a6de219f9f665ac51ab09ca8fad?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3b7beb9215ebe43d2161c0de485eca68dcd10a6de219f9f665ac51ab09ca8fad?s=96&d=mm&r=g\",\"caption\":\"Yunus Ta\u015fl\u0131\"},\"url\":\"https:\/\/coinengineer.net\/blog\/author\/ceyunus\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack - Coin Engineer","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/","og_locale":"en_US","og_type":"article","og_title":"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack - Coin Engineer","og_description":"Radiant Capital has disclosed details of the October cyberattack that resulted in $50 million in losses. The attack was orchestrated by a North Korea-linked hacker group that exploited Telegram to deliver a malicious file. In a statement on December 6, Radiant Capital identified the threat actor as &#8220;UNC4736,&#8221; also known as &#8220;Citrine Sleet,&#8221; which operates","og_url":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/","og_site_name":"Coin Engineer","article_published_time":"2024-12-09T11:00:30+00:00","article_modified_time":"2024-12-09T09:29:19+00:00","og_image":[{"width":1140,"height":760,"url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg","type":"image\/jpeg"}],"author":"Yunus Ta\u015fl\u0131","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Yunus Ta\u015fl\u0131","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/","url":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/","name":"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack - Coin Engineer","isPartOf":{"@id":"https:\/\/coinengineer.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#primaryimage"},"image":{"@id":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#primaryimage"},"thumbnailUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg","datePublished":"2024-12-09T11:00:30+00:00","dateModified":"2024-12-09T09:29:19+00:00","author":{"@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/3b5f1d8348693fca419229a65d8cf4b3"},"breadcrumb":{"@id":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#primaryimage","url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg","contentUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/01\/2.jpg","width":1140,"height":760,"caption":"Radiant Capital"},{"@type":"BreadcrumbList","@id":"https:\/\/coinengineer.net\/blog\/defi-platform-radiant-capital-cyberattack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/coinengineer.net\/blog\/"},{"@type":"ListItem","position":2,"name":"DeFi Platform Radiant Capital Reveals Details of $50 Million Cyberattack"}]},{"@type":"WebSite","@id":"https:\/\/coinengineer.net\/blog\/#website","url":"https:\/\/coinengineer.net\/blog\/","name":"Coin Engineer","description":"Btc, Coins, Pre-Sale, DeFi, NFT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/coinengineer.net\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/3b5f1d8348693fca419229a65d8cf4b3","name":"Yunus Ta\u015fl\u0131","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3b7beb9215ebe43d2161c0de485eca68dcd10a6de219f9f665ac51ab09ca8fad?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3b7beb9215ebe43d2161c0de485eca68dcd10a6de219f9f665ac51ab09ca8fad?s=96&d=mm&r=g","caption":"Yunus Ta\u015fl\u0131"},"url":"https:\/\/coinengineer.net\/blog\/author\/ceyunus\/"}]}},"_links":{"self":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/33366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/comments?post=33366"}],"version-history":[{"count":1,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/33366\/revisions"}],"predecessor-version":[{"id":33367,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/33366\/revisions\/33367"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media\/9128"}],"wp:attachment":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media?parent=33366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/categories?post=33366"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/tags?post=33366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}