The Radiant Capital exploiter recently transferred 5,933 ETH, valued at approximately $26.7 million, through Tornado Cash, showcasing a profitable swing trading strategy that has doubled their stolen funds to over $104 million.

Executive Summary

The individual responsible for the Radiant Capital exploit has transferred 5,933 ETH, valued at approximately $26.7 million, through Tornado Cash. This latest movement of funds is part of an ongoing pattern of sophisticated trading by the hacker, who has significantly increased the value of the initially stolen assets.

Hacker's Trading Mechanics and Portfolio Growth

Since the initial theft of $53 million from Radiant Capital, the hacker has actively managed and multiplied their illicit holdings. Following the exploit, they acquired 21,900 ETH at an average price of $2,420 for long-term storage. The hacker has since engaged in strategic ETH swing trading, capitalizing on the cryptocurrency's volatility.

Key transactions include:

  • On August 14, they sold 9,631 ETH at an average price of $4,562, securing $43.9 million in DAI.
  • Six days later, on August 20, they purchased 4,914 ETH at an average price of $4,167, amounting to $20.4 million.
  • Subsequently, they sold 3,931 ETH at an average price of $4,726, generating an additional $18.5 million.
  • Most recently, the hacker spent $23.7 million in DAI to acquire 5,475 ETH at an average price of $4,330.

These precise and well-timed trades, which market observers compare to professional swing trading, have resulted in a current portfolio valuation exceeding $104 million, nearly double the original $53 million stolen. The portfolio now includes an estimated 13,300 ETH alongside tens of millions in stablecoins.

The Role of Tornado Cash and Regulatory Implications

The hacker's utilization of Tornado Cash, a decentralized cryptocurrency mixer, highlights persistent challenges in tracing stolen digital assets. Tornado Cash operates as a non-custodial privacy tool on Ethereum, employing zk-SNARKs to obfuscate the on-chain link between transaction senders and recipients. Since its inception in 2019, it has processed over $7 billion in cryptocurrency transactions.

The mixer has been central to a significant regulatory debate. The Office of Foreign Assets Control (OFAC) initially sanctioned Tornado Cash on August 8, 2022, citing its alleged use by entities like the Lazarus Group for laundering over $455 million in stolen funds. However, in March 2025, the U.S. Treasury Department reversed these sanctions following a ruling by the U.S. Fifth Circuit Court of Appeals, which determined that the Treasury had overstepped its authority by sanctioning immutable smart contracts. This decision has reignited discussions within the crypto community regarding the balance between privacy rights and anti-money laundering (AML) and national security efforts. Despite the sanction period, Tornado Cash continued to process nearly $2 billion in deposits in the first half of 2024.

Broader Market and Security Implications

The ongoing activity by the Radiant Capital hacker poses continued reputational and trust challenges for the protocol. The repeated successful obfuscation of funds via mixers like Tornado Cash underscores the difficulties faced by investigators and regulators in combating illicit financial flows within the decentralized finance (DeFi) ecosystem. This situation is likely to prompt increased scrutiny on DeFi security protocols and a heightened focus on the development of more robust tracing and preventative measures. The market sentiment surrounding Radiant Capital specifically remains uncertain to bearish, with expectations of continued high volatility for its associated token as the broader DeFi space grapples with the implications of sophisticated financial crime and the evolving regulatory landscape.