How this millionaire crypto hacker continues to freely cash out a year later

A year after exploiting Radiant's lending pools for $50–$58 million in October 2024, the exploiter is systematically cashing out the stolen funds, evidenced by large, calculated transfers to Tornado Cash in late 2025, totaling over $31 million in two recent bursts. The breach occurred due to an operational compromise where keyholders were induced to approve malicious transactions under Radiant's three-out-of-eleven multi-sig scheme, with later reports suggesting state-backed impersonation was used for access. The laundering strategy involves moving funds from L2s like Arbitrum back to Ethereum, swapping balances into ETH, and then using Tornado Cash with standardized deposit sizes to make tracing difficult, although compliance teams still track patterns. The article concludes that the continued success of this slow bleed strategy highlights the need for hardened keyholder procedures, narrower approvals, and real-time monitoring for multi-chain applications, as skilled thieves exploit the seams between seamless cross-chain experiences.

(Source：CryptoSlate)