North Korean Hackers Drain $285 Million From Drift in Seconds

Basically, North Korean hackers stole $285 million from a finance platform in just 10 seconds.

Quick Summary

In a shocking incident, North Korean hackers drained $285 million from the Drift platform in just 10 seconds. This sophisticated attack highlights serious vulnerabilities in DeFi protocols. Drift is now working with security firms to recover the stolen assets.

What Happened

A North Korean threat actor has been linked to a staggering $285 million heist from the decentralized finance (DeFi) platform Drift. This attack, described by Drift as a highly sophisticated operation, involved meticulous planning and execution. The attackers set up their infrastructure about eight days prior to the heist, preparing multiple nonce-based transactions and ultimately taking control of an admin key.

Who's Affected

The primary victim of this attack is Drift, a DeFi platform that facilitates trading and liquidity for various cryptocurrencies. This incident not only affects Drift but also raises concerns for its users and the broader cryptocurrency community, given the scale of the theft.

What Data Was Exposed

While specific user data exposure details remain unclear, the attack led to the theft of $286 million in various cryptocurrencies. The hackers executed the heist by draining funds from five vaults, which included popular tokens such as USDC and wETH.

How It Works

The attack was executed with extreme precision. The hackers utilized a durable nonce on the Solana blockchain, allowing them to create transactions that would not expire. They pre-signed transactions to ensure rapid execution. Just five hours before the heist, they gained control of a Drift admin key, which was initially protected by a multisig but could be modified with just two out of five approvals.
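
A monitoring sketch for the durable-nonce mechanism described above, added here as an example and not taken from Drift or the original article: it flags transactions that use a durable nonce and are signed by a watched key. It assumes records in the simplified shape of Solana RPC `getTransaction` output with `jsonParsed` encoding; all keys, signatures and sample records are constructed placeholders.

```python
SYSTEM_PROGRAM_ID = "11111111111111111111111111111111"  # Solana System Program

def uses_durable_nonce(tx):
    """True when the first instruction is System Program advanceNonce,
    which is what marks a transaction as using a durable nonce."""
    ixs = tx["transaction"]["message"]["instructions"]
    if not ixs:
        return False
    parsed = ixs[0].get("parsed")
    return (ixs[0].get("programId") == SYSTEM_PROGRAM_ID
            and isinstance(parsed, dict)
            and parsed.get("type") == "advanceNonce")

def signer_keys(tx):
    """Public keys that signed the transaction."""
    return {k["pubkey"] for k in tx["transaction"]["message"]["accountKeys"]
            if k.get("signer")}

def flag(txs, watched):
    """Return alerts for durable-nonce transactions signed by a watched key."""
    alerts = []
    for tx in txs:
        hits = signer_keys(tx) & watched
        if hits and uses_durable_nonce(tx):
            info = tx["transaction"]["message"]["instructions"][0]["parsed"]["info"]
            alerts.append({"signature": tx["transaction"]["signatures"][0],
                           "watched_signers": sorted(hits),
                           "nonce_account": info.get("nonceAccount")})
    return alerts

# Constructed sample records (placeholder keys and signatures, not real data).
def _tx(sig, signers, ixs):
    keys = [{"pubkey": s, "signer": True} for s in signers]
    return {"transaction": {"signatures": [sig],
                            "message": {"accountKeys": keys, "instructions": ixs}}}

ADVANCE = {"programId": SYSTEM_PROGRAM_ID,
           "parsed": {"type": "advanceNonce",
                      "info": {"nonceAccount": "NONCE_ACCT_PLACEHOLDER",
                               "nonceAuthority": "ADMIN_SIGNER_1"}}}
TRANSFER = {"programId": SYSTEM_PROGRAM_ID,
            "parsed": {"type": "transfer", "info": {}}}

SAMPLE = [
    _tx("SIG_A", ["ADMIN_SIGNER_1"], [ADVANCE, TRANSFER]),  # durable nonce, watched signer
    _tx("SIG_B", ["ADMIN_SIGNER_1"], [TRANSFER]),           # ordinary recent-blockhash tx
    _tx("SIG_C", ["OTHER_KEY"], [ADVANCE, TRANSFER]),       # durable nonce, unwatched signer
    _tx("SIG_D", ["ADMIN_SIGNER_2"], [TRANSFER, ADVANCE]),  # advanceNonce not first
]
```

Only `SIG_A` is flagged: the nonce advance must be the first instruction for the transaction to count as durable, so `SIG_D` is treated as an ordinary transaction.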

Tactics & Techniques

The attackers created a fake collateral market for a worthless token, CVT, just seconds before the heist. This market was designed to maximize fund drainage by manipulating the token's parameters and disabling Drift's safety systems. The entire operation was executed in less than 10 seconds, showcasing the hackers' ability to exploit vulnerabilities in the DeFi protocol.

Defensive Measures

In response to this incident, Drift is collaborating with multiple security firms and law enforcement to trace and freeze the stolen assets. Users are advised to remain vigilant and monitor their accounts for any suspicious activity. The incident underscores the need for enhanced security measures in DeFi platforms to prevent such sophisticated attacks in the future.

🔒 Pro insight: This heist exemplifies the evolving tactics of North Korean cybercriminals, emphasizing the urgent need for robust security in DeFi ecosystems.

Original article from SecurityWeek · Ionut Arghire
