
Drift Crypto Platform Hack - $280 Million Stolen by North Korea

Source: The Record
Tags: Drift, North Korea, crypto theft, Elliptic, social engineering

Basically, hackers stole a lot of money from Drift using clever tricks.

Quick Summary

A massive $280 million was stolen from Drift, a crypto platform, linked to North Korean hackers. This breach raises alarms about security in decentralized finance. Drift is working to trace the stolen assets and improve security measures.

What Happened

On April 1, 2026, the decentralized finance platform Drift experienced a significant security breach, resulting in $280 million being stolen. The company released a post-mortem report detailing how attackers gained access to their systems through a novel attack. This involved a rapid takeover of the company's security council administrative powers, which allowed the hackers to manipulate transaction approvals.

Who's Affected

The incident impacts all users of the Drift platform, particularly those who utilized its borrow, lend, and trading features. Funds deposited in these services are now at risk, raising concerns among the platform's user base about the safety of their assets.

What Data Was Exposed

While Drift has stated there are no bugs in their programs or smart contracts, the breach highlights vulnerabilities in their approval processes. The attackers executed two pre-signed transactions that bypassed existing withdrawal limits, indicating a sophisticated understanding of the platform's operations.

How the Attack Unfolded

The attack was meticulously planned over several weeks, beginning on March 23. Hackers employed advanced social engineering techniques to obtain unauthorized transaction approvals. By the time the attack was executed, they had effectively compromised Drift's security protocols, allowing them to withdraw substantial amounts of cryptocurrency.

What You Should Do

Drift is currently working with security firms and law enforcement to trace and freeze the stolen assets. Users are encouraged to monitor their accounts and report any suspicious activity. The platform has pledged to release a more comprehensive report on the incident soon, providing further insights into the breach and its implications.

The Threat

Experts from blockchain security firm Elliptic have linked the attack to North Korean hackers, who have been responsible for numerous crypto thefts in recent years. This incident marks the eighteenth attack attributed to North Korea in 2026 alone, with over $300 million stolen so far. The tactics used in the Drift breach resemble those seen in previous high-profile attacks, including the $1.5 billion hack of Bybit.

Defensive Measures

To safeguard against such attacks, users should employ strong security practices, including enabling two-factor authentication and being cautious of unsolicited communications that may lead to social engineering attempts. Additionally, staying informed about the latest security updates from platforms like Drift can help mitigate risks.

🔒 Pro insight: The sophistication of this operation underscores the evolving tactics of North Korean cybercriminals, necessitating enhanced security protocols across the crypto space.

