Radiant Capital, a decentralized omnichain money market protocol built on LayerZero, has announced plans to shut down after failing to recover from an exploit it suffered more than a year ago.

 

The decision to cease operations stems from the protocol's inability to recover from losses of more than $50 million due to a security exploit in 2024. According to the team, the DAO no longer has a viable path forward, as there has been no meaningful recovery of funds and no new capital raised since the incident.

 

"Over the past months, contributors and the community continued to operate under increasingly difficult conditions, working to support users, maintain the protocol, and pursue recovery. That effort was real. And it was consistent. But effort alone is not enough without recovery, capital, or growth," the team wrote in a post on X.

 

Although the decision to wind down operations has already been made, the Radiant team said the shutdown will not happen immediately. The protocol's front end will remain live, smart contracts will remain accessible on chain, and users will continue to be able to withdraw funds, repay loans, and manage their positions.

 

The protocol will transition into maintenance mode, with no further development, upgrades, or expansion planned. Borrow caps will be set to zero, and RDNT token emissions will be discontinued.

 

Despite its decision to wind down, the Radiant team said it will continue efforts to recover the stolen funds. To support this process, the protocol's remediation portal will remain active to ensure that any recovered funds are returned to affected users.

 

The Radiant Capital Exploit

On October 16, 2024, Radiant Capital was hit by a sophisticated social engineering and malware attack. The attackers, reportedly linked to North Korean threat actors, deployed the malware via a fake Telegram message impersonating a former Radiant team member.

 

When members of the Radiant engineering team attempted to sign what appeared to be legitimate transactions in the protocol's Gnosis Safe wallet, the malware intercepted the requests and replaced them with malicious transactions in the background.

 

After gaining control of the protocol's 3-of-11 multisignature wallet, the attackers upgraded the pool provider contract and drained roughly $53 million from the protocol's lending pools on Arbitrum and BNB Chain. The exploit triggered a sharp decline in the protocol's total value locked (TVL), which fell from more than $300 million before the attack to approximately $75 million afterward.