The hacker who exploited Radiant Capital’s $53 million cross-chain DeFi protocol breach in October 2024 has nearly doubled the value of the stolen funds by holding and trading Ethereum (ETH).
Initially converting the entire stolen amount into 21,957 ETH at around $2,414 per token, the hacker’s assets surged to a value exceeding $103 million due to Ethereum’s subsequent price rally.
啊,好家伙,这 Radiant Capital 黑客竟然玩起波段来了😂:
他不是在一周前以 $4,562 的均价卖出了 9,631 枚 ETH 换成 4393.7 万 DAI 嘛。
这几天 ETH 回调了,他在过去 1 小时里又用 $864 万 DAI 以 $4,096 的价格重新买回了 2109.5 枚 ETH…现在 Radiant Capital 黑客持有 14,436 枚 ETH+3529 万… https://t.co/hO4MbNPrjd pic.twitter.com/ihLYhpmNAV
— 余烬 (@EmberCN) August 20, 2025
Since the theft, Ethereum’s price has climbed from approximately $2,500 in October 2024 to above $4,700 in August 2025. This market upswing increased the hacker’s holdings to roughly $102.5 million, resulting in an estimated profit of $49.5 million or a 93.5% gain. The hacker recently began selling part of the stash, offloading 9,631 ETH for about $43.94 million at an average price of $4,562 per ETH, while retaining 12,326 ETH valued at around $58.1 million.
Blockchain forensics experts suggest the decision to hold the ETH was more likely driven by operational liquidity and security considerations than a deliberate market timing tactic. Hackers often swap proceeds for liquid assets like Ethereum or Bitcoin to reduce the risk of token freezes and ease asset movement across ecosystems.
This incident underscores ongoing security challenges within decentralized finance (DeFi) platforms while highlighting the unintended financial gains possible from cryptocurrency price volatility. Radiant Capital has faced significant losses, but the larger crypto community watches closely as on-chain activities from this exploit continue.
Notably, North Korea’s Lazarus cybercrime group has been accused of carrying out a £17 million cryptocurrency theft from British-registered exchange Lykke, an attack described as one of the largest to hit a UK-based digital asset company.
The claim was detailed in a recent report by The Telegraph, citing findings from the Office of Financial Sanctions Implementation (OFSI). The breach, which occurred in 2023, saw hackers drain Bitcoin, Ethereum and other digital assets from Lykke’s platform.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
