- The Radiant Capital hacker has moved more than 5,400 Ethereum (ETH) tokens.
- Blockchain security firm PeckShield says the exploiter transferred the ETH to the crypto mixer Tornado Cash.
- Radiant Capital suffered a $50 million security breach in October 2024.
Blockchain security firm PeckShield reported that the exploiter responsible for the 2024 Radiant Capital hack has moved 5,411.8 Ethereum (ETH) tokens.
PeckShield issued an alert on October 31, 2025, noting the significant ETH transfer to Tornado Cash.
This recent movement of Radiant Capital funds comes more than a year after the protocol was exploited.
At the time of reporting, Ethereum (ETH) traded around $3,832, down 1.5% over the past 24 hours and down 3.2% on the week.
Radiant exploiter moves 5,411 ETH
Lending protocol Radiant Capital suffered a severe security breach on October 16, 2024, when $51 million in user funds were drained from its pools on the Arbitrum and BNB Chain networks.
After the incident, cybersecurity researchers linked the attacker to state-sponsored actors associated with North Korea.
Radiant sought assistance from law enforcement, including the FBI.
During the following year, the stolen funds have been moved in patterns consistent with laundering attempts.
PeckShield warned on October 31, 2025 that the exploiter deposited 5,411.8 ETH into Tornado Cash, worth about $20.7 million at the time.
The transfer consisted of a series of deposits in denominations of 0.1 ETH, 1 ETH, 10 ETH and 100 ETH.
On-chain data shows the attacker address 0x0fa503e4…2e748ef9e sending the coins to the mixing service.
Not the first movement of Radiant ETH
This roughly $20 million transfer from the attacker to Tornado Cash is not the first move of stolen Radiant funds.
On September 11, 2025, the suspected attacker moved 5,933 ETH, then worth about $26.7 million, also through a mixer.
Earlier, on August 12, 2025, the exploiter swapped 3,091 ETH for approximately $13.26 million in DAI stablecoins, diversifying the holdings further.
The mixing service also received a deposit of 2,834.6 ETH via the Arbitrum bridge as the attackers split the large haul into smaller tranches.
In early October, blockchain analytics firm Elliptic revealed that North Korea-linked hackers had stolen more than $2 billion in crypto so far in 2025.
Elliptic described that total as the largest annual amount ever tied to North Korea-linked groups.
Overall, those actors have now been associated with the theft of more than $6 billion in cryptocurrency.
“Most of the 2025 hacks involved manipulation attacks in which attackers trick or manipulate victims to gain access to cryptocurrencies,” the firm noted.