Radiant Capital, once a cross-chain lending protocol with hundreds of millions in deposits, now holds just $2.21 million in total value locked across Arbitrum, Ethereum, Base, and BNB. That’s what remains roughly 20 months after a North Korean state hacking group drained $50 million from the platform in October 2024.
How the hack went down
Attackers exploited a vulnerability in Radiant’s smart contracts, making off with $50 million. The incident was later attributed by Mandiant, a top-tier cybersecurity firm, to a North Korean state-sponsored group. Radiant never recovered. The protocol has effectively wound down to an operational husk — still live on four chains but carrying a fraction of its former value.
What users see now
On Arbitrum, Ethereum, Base, and BNB, the lending markets limp along with negligible liquidity. The $2.21 million TVL figure comes from DeFiLlama data as of this week. No new major integrations or incentives have been announced. The team hasn’t publicly discussed a revival plan in months.
Radiant is just one entry in a long list of North Korea-linked crypto heists. Mandiant’s attribution underscores how state-backed actors continue to target DeFi protocols, often laundering stolen funds through cross-chain bridges. The attack happened roughly 20 months ago, but the fallout lingers — Radiant’s collapse has left lenders stranded and highlighted the risks of permissionless lending pools.
What’s next for remaining users
There’s no clear timeline for any recovery or wind-down process. Radiant’s DAO hasn’t proposed a formal dissolution vote. Users with assets still locked in the protocol face an uncertain wait — the $2.21 million TVL suggests most capital has already fled. The question now, unanswered for months, is whether the protocol will ever do anything with what little remains.
