The security breach affected three Radiant Capital developers, all of whom were trusted participants in the DAO. Hackers were able to carry out a successful attack and remove assets from the main Arbitrum and BSC markets, despite the fact that trusted developers used hardware wallets and were geographically distributed.
To investigate the hack and track the movement of stolen crypto assets, Radiant hired cybersecurity experts from Mandiant, zeroShadow, Hypernative and SEAL 911.
After an investigation, cybersecurity experts came to the conclusion that attackers from North Korea were involved in the hacker attacks. Hackers managed to inject a malicious program called InletdriftL onto the devices of trusted Radiant Capital developers via a PDF message. The program installed a persistent backdoor on computers running macOS and executed malicious AppleScript.
Experts said traditional verification and simulation procedures for apparently legitimate transactions did not reveal obvious inconsistencies, while malicious transactions were signed and executed in the background, making the threat virtually invisible.
Radiant Capital assured that they are continuing efforts to restore the functionality of the site and return the stolen assets.
The October hack was the second incident involving Radiant Capital’s cross-chain decentralized lending protocol in 2024. In January, hackers managed to hack the new Radiant liquidity pool based on the Arbitrum network and withdraw 1,900 ETH ($4.5 million).
Source: Bits

I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.