Radiant Capital has introduced plans to wind down operations after failing to get well from a $50 million exploit that devastated the lending protocol and left it with out ample funding to proceed.
Abstract
- Radiant Capital mentioned it can wind down operations after failing to get well from a $50 million exploit and safe new funding.
- The protocol will stay on-line in a upkeep state, permitting customers to withdraw funds and handle positions whereas growth work ends.
- Investigations linked the 2024 assault to North Korea-aligned risk actors, whereas restoration efforts had been hindered after parts of the stolen funds moved by Twister Money.
In response to a press release revealed Monday by Radiant’s decentralized autonomous group, the protocol might now not determine a viable route ahead after unsuccessful makes an attempt to get well stolen belongings, increase contemporary capital, and keep the assets wanted to function responsibly.
In a separate replace shared on X, the DAO mentioned contributors and group members had continued supporting the platform beneath more and more difficult circumstances. The group acknowledged that with out recovered funds, new funding, or renewed development, the protocol couldn’t stay sustainable.
The choice closes a tough chapter for a venture that when ranked among the many largest cross-chain lending platforms.
Launched in 2022, Radiant sought to unify liquidity throughout a number of blockchains and grew quickly throughout 2023. Knowledge from the protocol reveals its whole worth locked reached $386.8 million in December 2023.
Fortunes modified sharply after an October 2024 exploit that safety researchers and later investigations linked to North Korean risk actors. Following the breach, Radiant’s whole worth locked fell to roughly $75 million and dropped to about $5 million inside weeks, in accordance with protocol knowledge.
Restoration efforts failed to revive the protocol
Whereas operations are being scaled again, Radiant mentioned the protocol is not going to disappear fully. As an alternative, it can transfer into what it described as a upkeep state.
Beneath that association, the frontend will stay on-line, good contracts will keep accessible, and customers will nonetheless be capable to withdraw belongings, repay loans, and handle current positions. Improvement work, protocol upgrades, and enlargement efforts, nevertheless, will stop as DAO contributors step away from energetic operations.
Radiant additionally urged customers to handle their publicity fastidiously whereas the protocol enters its remaining section.
Remaining restoration initiatives linked to the hack will proceed. The DAO mentioned its remediation portal will keep open and any belongings recovered sooner or later will likely be returned to affected customers.
Earlier restoration efforts have produced restricted outcomes. In October 2025, blockchain safety agency CertiK reported that wallets linked to the attacker deposited 2,834 ETH into Twister Money after transferring funds by a number of addresses and swaps involving DAI.
CertiK estimated that roughly $10.8 million price of Ethereum had already been laundered by the mixer, complicating efforts to hint and get well the stolen belongings.
North Korea-linked assault grew to become a turning level
Radiant mentioned in December 2024 that an attacker posing as a former contractor distributed malware by Telegram. In response to the protocol, a malicious ZIP file circulated amongst builders for suggestions, creating an entry level that in the end led to the compromise.
A autopsy investigation from cybersecurity agency Mandiant later linked the incident to the AppleJeus hacking group, which it recognized as a part of North Korea’s cyber ecosystem.
In response to Mandiant, the attackers gained management of three of Radiant’s eleven multisig signer permissions and changed the lending pool’s implementation contract, permitting them to steal roughly $53 million from the Arbitrum and BNB Chain deployments.
The techniques used within the assault later surfaced in different main crypto incidents. In April 2026, Drift Protocol mentioned it had medium-high confidence that the identical actors behind the Radiant breach had been accountable for a separate exploit in opposition to its platform. Drift’s investigation concluded that the group spent months constructing belief with contributors by convention conferences {and professional} contacts earlier than deploying malicious instruments and hyperlinks.
Market response to Radiant’s closure announcement remained destructive. The protocol’s RDNT token fell 4.2% after the information.
