Decentralized finance platform Radiant Capital had over $50 million worth of cryptocurrency following a heist on the evening of Oct. 16, which has also led to a temporary pause in its operations, reports The Record, a news site by cybersecurity firm Recorded Future.
Advanced malware injection attacks have been conducted by threat actors against at least three reputable Radiant Capital contributors' devices, which were later leveraged to validate malicious transactions, according to a post-mortem report from Radiant Capital. "These developers used hardware wallets and were geographically distributed, reducing the likelihood of a coordinated physical attack," said Radiant Capital in a post-mortem report, which noted that more devices could have also been impacted by the incident. Such an incident, which is believed by cybersecurity experts to have involved the compromise of developers' private keys, has already been reported to U.S. law enforcement and ZeroShadow, noted Radiant Capital official Konstantin Levin. Radiant Capital also had $4.5 million worth of cryptocurrency stolen more than 10 months ago.
