The person behind the recent Radiant Capital exploit has reportedly moved nearly all of the stolen crypto, valued at about $52 million, from Layer-2 networks to Ethereum.

Blockchain security firm PeckShield shared the information on October 24, further dampening any hopes of recovering the funds.

Attacker Almost Done Bridging Stolen Funds

According to PeckShield, the attacker’s on-chain footprint showed they had bridged about 20,500 ETH tokens from Arbitrum and Binance’s BNB Chain to Ethereum. The funds were part of the October 16 attack that compromised Radiant Capital’s smart contracts.

Another blockchain security company, Ancilia Inc., was the first to detect the suspicious activity, which initially resulted in the loss of at least $18 million worth of crypto assets from Radiant’s liquidity pool on the Binance network. The hacker then extended the attack to the decentralized finance (DeFi) protocol’s pool on Arbitrum, further escalating the losses.

A post-mortem of the attack showed that the perpetrator gained control by compromising a multi-signature wallet that secured Radiant’s funds. They were then able to obtain the private keys of three out of eleven signers, giving them the ability to upgrade the platform’s contracts and transfer ownership.

It enabled the bad actor to drain several trading pools, including those holding popular assets such as USDC, USDT, wBTC, wETH, and BNB.

Recovery Efforts in Jeopardy?

The October 16 incident is the second time hackers have targeted Radiant this year. In January, the DeFi platform lost $4.5 million due to a vulnerability in its smart contract.

The company has since engaged with U.S. law enforcement, including the FBI, and partnered with cybersecurity outfits like SEAL911 and ZeroShadow in an attempt to recover the stolen money.

However, the thief’s move to Ethereum suggests they