Radiant capital hacker flips looted $53M for 94% profit, here’s how they did it

The attacker responsible for last year’s Radiant Capital hack recently made an interesting play, turning the stolen funds into nearly double their original value.

Summary

• The Radiant Capital hacker has grown the $53 million stolen in the October exploit into about $102.5 million.
• Gains came from converting the stolen assets into ETH and holding for nearly ten months before cashing out amid the ongoing price pump.
• Over $3.1 billion has been lost to crypto hacks and scams so far in 2025, underscoring the need for stronger security measures.

In an August 14 X post, blockchain intelligence platform Lookonchain highlighted that the exploiter has grown their $53 million haul into approximately $102.5 million, booking a 93.5% profit through patient holding and times sales of Ethereum (ETH).

Following the exploit in October 2024, the hacker converted all stolen assets into a total of 21,957 ETH. After several months of silence, the exploiter recently resurfaced on August 12 amid ETH’s climb to take profit, exchanging 9,631 ETH for $43.9 million USD-pegged DAI (DAI) stablecoin at an average price of $4,562.

The Radiant Capital hacker turned the stolen $53M into $102.54M by trading $ETH, a profit of $49.5M(+93.5%).

10 months ago, the hacker stole $53M from Radiant Capital and swapped it all for 21,957 $ETH.

Recently, he began selling $ETH for profit, selling 9,631 $ETH($43.94M) at… pic.twitter.com/hwbLDnTVe5

— Lookonchain (@lookonchain) August 14, 2025

The stablecoins were moved into a separate wallet, and the transaction left their ETH stash holding approximately 12,326 ETH. Over the past few days, Ethereum has climbed significantly to new highs, trading slightly under $4,750 at the time of writing. This has lifted the remaining holdings to a valuation of about $58.6 million, up 3% on the day.

The Radiant capital hack was one of the most devastating industry losses of 2024. All efforts to recover the stolen funds have proven futile, and the latest shuffles by the attackers suggest that the funds may be lost for good.

The Radiant capital hack

Last October, attackers used social engineering to impersonate a former Radiant Capital contractor via Telegram, delivering a zip file disguised as a PDF to the protocol. The file contained macOS malware that altered transaction displays, tricking developers into signing malicious smart contract calls.

Blockchain security experts tied the attack to the North Korea-linked group AppleJeus, another hacking syndicate that preys on the industry alongside the notorious Lazarus.

You might also like: DOJ busts four North Korean hackers in $900K crypto theft

By exploiting routine transaction resubmissions, the attackers gathered enough compromised signatures to transfer ownership of Radiant’s lending pools on Arbitrum and Binance Smart Chain, resulting in hefty losses.

The incident remains a reminder of the disturbing trend of cyberattacks that continues to plague the broader industry. So far this year, over $3.1 billion has been lost to various forms of scams and hacks. Hackers continue to sharpen their tactics to match evolving security standards, underscoring the need for stronger industry-wide defense.

You might also like: Fake Aave ads top Google top search results again, targets investors with phishing links

Source