Radiant Capital, a decentralized omnichain money market protocol built on LayerZero, has announced plans to shut down after failing to recover from an exploit it suffered more than a year ago.

 

The decision to cease operations stems from the protocol's inability to recover from losses of more than $50 million due to a security exploit in 2024. According to the team, the DAO no longer has a viable path forward, as there has been no meaningful recovery of funds and no new capital raised since the incident.

 

"Over the past months, contributors and the community continued to operate under increasingly difficult conditions, working to support users, maintain the protocol, and pursue recovery. That effort was real. And it was consistent. But effort alone is not enough without recovery, capital, or growth," the team wrote in a post on X.

 

Although the decision to wind down operations has already been made, the Radiant team said the shutdown will not happen immediately. The protocol's front end will remain live, smart contracts will remain accessible on chain, and users will continue to be able to withdraw funds, repay loans, and manage their positions.

 

The protocol will transition into maintenance mode, with no further development, upgrades, or expansion planned. Borrow caps will be set to zero, and RDNT token emissions will be discontinued.

 

Despite its decision to wind down, the Radiant team said it will continue efforts to recover the stolen funds. To support this process, the protocol's remediation portal will remain active to ensure that any recovered funds are returned to affected users.

 

The Radiant Capital Exploit

On October 16, 2024, Radiant Capital was hit by a sophisticated social engineering and malware attack. The attackers, reportedly linked to North Korean threat actors, deployed the malware via a fake Telegram message impersonating a former Radiant team member.

 

When members of the Radiant engineering team attempted to sign what appeared to be legitimate transactions in the protocol's Gnosis Safe wallet, the malware intercepted the requests and replaced them with malicious transactions in the background.

 

After gaining control of the protocol's 3-of-11 multisignature wallet, the attackers upgraded the pool provider contract and drained roughly $53 million from the protocol's lending pools on Arbitrum and BNB Chain. The exploit triggered a sharp decline in the protocol's total value locked (TVL), which fell from more than $300 million before the attack to approximately $75 million afterward.

 

 

THORChain, the decentralized cross-chain liquidity protocol that enables asset swaps between blockchains, has paused trading on its platform following reports by security researchers, including ZachXBT and PeckShield, that the platform was exploited for more than $10 million.

 

 

Following alerts from security researchers, THORChain halted all trading activities, citing abnormal and suspicious behavior it had detected. According to the team, one of its six Asgard vaults was compromised, resulting in a loss of approximately $10 million.

 

However, the team said in a post on X that user funds were safe and that only protocol-owned funds were affected.

 

 

“Investigation is still ongoing to determine the root cause. Contributors are actively working on the issue and we will report updates as we progress toward a solution,” the team said.

 

“We are asking all node operators to immediately review their infrastructure, hosts, key management systems, and operational security for any signs of compromise or abnormal behavior, and to report anything suspicious in Discord.”

 

Following the team's confirmation of the exploit, RUNE, the native crypto asset of THORChain, fell by nearly 15%, wiping out more than $27 million in market capitalization. Its market capitalization dropped to around $182 million. At the time of writing, RUNE was trading at $0.50, down 13.8% from its pre-hack price of $0.58.

 

Latest of Several Attacks

This is not the first time THORChain has been exploited by attackers. In 2021, it suffered three separate exploits, resulting in losses of over $16 million.

 

In the first exploit, it lost approximately $350,000 due to a vulnerability in the way the protocol handled ERC-20 deposits. In the second exploit, which occurred just one month after the first, THORChain suffered losses of between $4.9 million and $8 million. In the third exploit, the protocol lost about $8 million due to a refund logic vulnerability.

 

The THORChain exploits are among the latest and largest of the 11 decentralized finance exploits recorded this month. Exploits in decentralized finance remain widespread, with the previous quarter recording more incidents than the first quarter of 2025.

 

 

Resolv Labs’ stablecoin, USR, has lost its U.S. dollar peg following an exploit of the token’s contract that allowed attackers to mint millions of tokens.

 

The exploit, which occurred on March 22, 2026, resulted in the creation of 50 million unbacked USR tokens, prompting the team to temporarily pause the protocol’s functions to prevent “further malicious actions.”

 

 

According to YieldsandMore, which first reported the story, the attack began with a 100,000 USDC deposit by the attackers, ultimately causing USR to lose its dollar peg and fall to $0.01.

 

After minting the USR tokens, the attackers converted them into wrapped USR (wstUSR) to access deeper liquidity on decentralized exchanges (DEXs). This allowed them to offload large amounts of wstUSR more gradually, reducing the risk of an immediate price crash of USR.

 

The next phase of the attack involved dumping and selling wstUSR tokens across multiple platforms, including KyberSwap and Velora. Using this method, the attackers swapped wstUSR for USDt and USDC, which were then aggressively converted into Ether (ETH).

 

Although the attack was first made public by the crypto research and analysis group YieldsandMore, the Resolv team was only able to pause the protocol three hours later.

 

“It took ResolvLabs three hours to pause its protocol. Roughly one hour of that delay came from the gap between submitting the multisig transaction and collecting the four required signatures to execute it,” YieldsandMore wrote on X.

 

While 50 million tokens were initially minted by the attackers, blockchain security company PeckShield reported that an additional 30 million USR tokens were later minted, bringing the total to approximately 80 million.

 

 

Price Action of USR in the Aftermath of the Exploit

The minting and dumping of USR tokens triggered a severe depeg, sending its price from $1 to roughly $0.02 to $0.05 within minutes, a decline of about 95 to 97%.

 

Although it briefly rebounded to between $0.14 and $0.20, USR is currently trading at $0.2773, according to data from CoinMarketCap at the time of publication. 

 

The USR depeg ranks among the most severe in recent history, second only to the collapse of Terra's TerraUSD (UST) in 2022, which fell from $1 to $0.02 and lost 98% of its value. Iron Finance also had its IRON stablecoin lose its dollar peg, dropping from $1 to about $0.05.