The situation surrounding the hackers responsible for the Radiant Capital breach continues to evolve. In recent months, they have made significant transactions with stolen assets.
Hackers Withdraw Funds
On August 12, 2025, blockchain security firm Onchain Lens reported that the hackers behind Radiant Capital converted 3,091 Ethereum into $13.26 million worth of DAI stablecoins. They moved the DAI to another wallet afterward. Prior to this, hackers stole $53 million from the platform on October 17, 2024.
Connections to North Korea
A post-mortem report by cybersecurity firm Mandiant, commissioned by Radiant Capital, revealed that the hackers had ties to North Korea. Specifically, the attack was attributed to the AppleJeus hacking group affiliated with the DPRK regime.
Methods of Attack
North Korean hackers are known for their sophisticated attacks. In the case of Radiant Capital, they used a mix of social engineering and malware to create a backdoor into developers’ devices. The attackers impersonated a former contractor via Telegram to deliver a zip file, supposedly containing a PDF, which instead had macOS malware.
The situation with Radiant Capital hackers highlights the need for enhanced security measures in the crypto space, especially regarding potential threats from organized groups.
