Radiant Capital announced plans to scale back operations after failing to recover from a $50 million exploit that destroyed its lending protocol and left it without enough funding to continue.
summary
- Radiant Capital said it would end operations after failing to recover from a $50 million exploit and secure new financing.
- The protocol will remain online for maintenance, allowing users to withdraw funds and manage positions while development work is completed.
- Investigations linked the 2024 attack to actors allied with North Korea, while recovery efforts were hampered after portions of the stolen funds moved via Tornado Cash.
According to A statement Published on Monday by decentralized autonomous organization Radiant, the protocol is no longer able to identify a viable path forward after failed attempts to recover stolen assets, raise new capital, and maintain the resources necessary to operate responsibly.
In a separate update shared on X, the DAO said that contributors and community members have continued to support the platform under increasingly difficult circumstances. The organization stated that without recovered funds, new investment, or renewed growth, the protocol cannot remain sustainable.
The decision closes a difficult chapter for a project that previously ranked among the largest cross-chain lending platforms.
Launched in 2022, Radiant sought to unify liquidity across multiple blockchains and grew rapidly during 2023. Protocol data shows that its total value locked reached $386.8 million in December 2023.
Fortunes changed sharply after October 2024 exploit Security researchers and subsequent investigations were linked to North Korean threat actors. After the hack, Radiant’s total value fell to roughly $75 million and fell to about $5 million within weeks, according to protocol data.
Recovery efforts failed to restore the protocol
While operations are being scaled back, Radiant said the protocol will not disappear completely. Instead, he will move into what he described as maintenance mode.
Under this arrangement, the front-end will remain online, smart contracts will remain available, and users will still be able to withdraw assets, repay loans, and manage existing positions. However, development work, protocol upgrades, and expansion efforts will cease as DAO contributors move away from active operations.
Radiant also urged users to carefully manage their exposure as the protocol enters its final phase.
The remaining recovery initiatives associated with the breach will continue. The DAO said its processing portal will remain open and any assets recovered in the future will be returned to affected users.
Previous recovery efforts have yielded limited results. In October 2025, blockchain security firm CertiK reported that wallets linked to the attacker deposited 2,834 ETH into Tornado Cash after moving the funds across multiple addresses and swaps involving DAI.
CertiK has estimated that $10.8 million worth of Ethereum has already been laundered Through the blenderThis complicates efforts to trace and recover stolen assets.
The attack linked to North Korea became a turning point
Radiant said in December 2024 that an attacker posing as a former contractor distributed malware via Telegram. Per protocol, a malicious ZIP file was circulated among developers for feedback, creating an entry point that eventually led to the compromise.
A post-mortem investigation by cybersecurity firm Mandiant later linked the incident to the hacking group AppleJeus, which it identified as part of North Korea’s cyber ecosystem.
According to Radiant, the attackers took control of three of Radiant’s eleven multi-sig permissions and replaced the lending aggregator’s execution contract, allowing them to steal approximately $53 million from Arbitrum and BNB Chain deployments.
The tactics used in the attack later surfaced in other major crypto incidents. In April 2026, Drift Protocol said it had moderate to high confidence that the same actors behind the Radiant breach were responsible for a separate exploit against its platform. Drifting investigation It was concluded that the group spent months building trust with stakeholders through conference meetings and professional communications before publishing malicious tools and links.
Market reaction to Radiant’s closure announcement remained negative. The protocol’s RDNT token fell 4.2% following the news.
