Ethereum News Today: Hacker Converts $13.26M Stolen ETH to DAI to Obscure Funds

Generated by AI AgentCoin World
Tuesday, Aug 12, 2025 11:49 am ET1min read
ETH
--
Aime RobotAime Summary

- A hacker converted 3,091 ETH ($13.26M) stolen from Radiant Capital into DAI stablecoins and transferred them to a new wallet to obscure illicit funds.

- This marks the first liquidation since the $53M breach, exploiting a 3-of-11 multisig vulnerability via cross-chain smart contracts and macOS-targeted malware.

- The attack began with a spoofed Telegram message containing malicious code, enabling backdoor access to hardware wallets through a man-in-the-middle attack.

- The ETH-to-DAI conversion highlights strategic use of stablecoins for illicit transactions, raising concerns about DeFi security gaps and long-term criminal tactics.

- Experts urge stronger audits, real-time monitoring, and developer training to address vulnerabilities in high-yield DeFi protocols exposed by the breach.

A hacker linked to the October 17, 2024, exploit of the cross-chain lending protocol Radiant Capital has executed a major on-chain transaction, converting 3,091

Ethereum
tokens into 13.26 million DAI stablecoins [1]. The Ethereum was sold at a price of $4,291 per token, resulting in a total liquidation value of $13.26 million. Following the conversion, the hacker transferred the DAI to a separate wallet address, a move that appears calculated to obscure the origin of the illicit funds and evade tracking [2].

This event marks the first observable liquidation of stolen assets since the $53 million breach, which targeted Radiant Capital's 3-of-11 multisig security mechanism. The attack had been meticulously planned, with malicious smart contracts deployed across multiple blockchain networks—including Arbitrum, Base, BSC, and Ethereum—as early as October 2, 2024, over 14 days before the actual exploit [3]. The breach involved the use of INLETDRIFT malware, specifically tailored for macOS, which provided attackers with backdoor access to hardware wallets through a sophisticated man-in-the-middle attack [4].

The hacker initially gained access via a spoofed Telegram message sent to a Radiant Capital developer on September 11, 2024. The message, appearing to come from a reputable former contractor, included a malicious ZIP file disguised as a legitimate PDF. Once opened, the file secretly installed backdoor privileges, allowing the attacker to execute commands and access sensitive transaction data [5].

The recent movement of the stolen ETH into DAI represents a strategic shift by the perpetrator to convert illiquid cryptocurrency holdings into a stable and widely accepted digital asset. DAI, being a dollar-pegged stablecoin, is often used in illicit transactions to obscure the source of funds and facilitate further transfers [1]. The transfer to a new wallet also suggests the hacker is actively managing the stolen funds to avoid exposure and potential enforcement actions.

The incident has reignited broader concerns about security in the DeFi space, particularly regarding the risks posed by smart contract vulnerabilities. Analysts have emphasized the need for stronger audit protocols, real-time monitoring systems, and enhanced developer security training to prevent similar attacks [3]. The delayed liquidation of the stolen assets further highlights the long-term strategic thinking of cybercriminals in the DeFi ecosystem.

As the DeFi industry continues to evolve, this case serves as a stark reminder of the critical importance of robust security measures. With protocols offering high-yield opportunities and open access, the balance between innovation and protection remains a central challenge for the sector. Investors and developers are now closely monitoring further developments in the Radiant Capital case, keenly aware of the potential implications for the broader crypto market [5].

Sources:

[1] Mitrade - [https://www.mitrade.com/insights/news/live-news/article-3-1033299-20250812](https://www.mitrade.com/insights/news/live-news/article-3-1033299-20250812)

[2] Crypto News - [https://crypto.news/radiant-capital-hack-funds-shift-as-13m-in-eth-swapped-for-dai/](https://crypto.news/radiant-capital-hack-funds-shift-as-13m-in-eth-swapped-for-dai/)

[3] Binance - [https://www.binance.com/en/square/post/28212435856265](https://www.binance.com/en/square/post/28212435856265)

[4] Crypto News - [https://cryptonews.net/news/security/31420574/](https://cryptonews.net/news/security/31420574/)

[5] CoinMarketCap - [https://coinmarketcap.com/community/articles/689b5f11668f434552362dfb/](https://coinmarketcap.com/community/articles/689b5f11668f434552362dfb/)