Radiant Capital (@RDNTCapital), the cross-chain lending protocol, is winding down after the DAO concluded there is no viable path forward. The announcement marks the end of a prolonged effort
Radiant Capital (@RDNTCapital), the cross-chain lending protocol, is winding down after the DAO concluded there is no viable path forward. The announcement marks the end of a prolonged effort to recover from the October 2024 exploit that drained the protocol of roughly $50 million.
Rather than pulling the plug entirely, Radiant is moving into a maintenance state. The frontend will stay live, smart contracts will remain accessible, and users will still be able to withdraw funds, repay loans, and manage their positions. However, borrow caps will be set to zero, $RDNT emissions will cease, and active development will end. The remediation portal for affected users from the 2024 exploit will also remain live, with any recovered funds returned to those impacted.
A North Korean threat actor was responsible for the $50 million heist in October 2024. The incident occurred on October 16, after three developers had their devices infected with malware, which was then used to sign fraudulent transactions during a routine multi-signature process. Cybersecurity firm Mandiant attributed the attack to a North Korea-linked group tracked as UNC4736, also known as AppleJeus or Citrine Sleet, which is aligned with Pyongyang's Reconnaissance General Bureau.
According to investigators, the attackers began laying the groundwork in mid-September, when a Telegram message from what appeared to be a trusted former contractor was sent to a Radiant Capital developer. The archive contained a decoy PDF and a macOS malware payload named InletDrift, which established a backdoor on the infected device. Radiant published a post-mortem explaining that the attackers deceived the Safe Wallet verification, which displayed legitimate transactions while fraudulent ones were executed in the background, leading to the draining of roughly $50 million from core markets.
After the exploit, Radiant's total value locked dropped significantly, from over $300 million at the end of 2023 to around $5.81 million by early December 2024, according to DefiLlama. The protocol never regained meaningful traction. Binance completed the delisting of $RDNT from its spot trading platform on April 1, 2026, a decision the exchange said followed periodic reviews of factors including development activity and trading volume.
With no new capital, no runway, and no meaningful fund recovery after 18 months, the DAO has determined it cannot continue. Radiant's closure is a stark reminder of the operational and financial damage a single sophisticated state-sponsored attack can inflict on a DeFi protocol, regardless of its prior scale.
Sources:CoinDesk: Radiant Capital Says North Korean Hackers Behind $50 Million AttackSecurityWeek: $50 Million Radiant Capital Heist Blamed on North Korean HackersCoinTelegraph: Radiant Capital Says North Korea Posed as Ex-Contractor to Carry Out $50M Hack
