A North Korean threat actor was behind the $50 million attack on Radiant Capital in October and spoofed being an ex-contractor, the DeFi platform said.
Radiant Capital has said a $50 million hack on its decentralized finance (DeFi) platform in October was carried out through malware sent via Telegram from a North Korea-aligned hacker posing as an ex-contractor.
Radiant said in a Dec. 6 update of the ongoing investigation that its contracted cybersecurity firm Mandiant has assessed “with high-confidence that this attack is attributable to a Democratic People’s Republic of Korea (DPRK)-nexus threat actor.”
The platform said a Radiant developer received a Telegram message with a zip file from a “trusted former contractor” on Sept. 11 asking for feedback on a new endeavor they were planning.
