Articles
Crypto Market Analysis

Drift Protocol $280M exploit took 'months of deliberate preparation'

User Image

匿名により

作成されました April 05, 2026|2 分で読めます
Main Image

Drift Protocol said, with “medium-high confidence,” that the recent attack was carried out by the same actors responsible for the $58 million Radiant Capital hack in October 2024.

Drift Protocol, a decentralized cryptocurrency exchange (DEX), says the recent exploit against the platform was a six-month-long, highly coordinated attack.

“The preliminary investigation shows that Drift experienced a structured intelligence operation requiring organizational backing, significant resources, and months of deliberate preparation,” Drift said in an X post on Saturday.

The decentralized exchange was exploited on Wednesday, with external estimates putting losses at around $280 million.

According to Drift, the attack plan can be traced back to around October 2025, when malicious actors posing as a quantitative trading firm first approached Drift contributors at a “major crypto conference,” claiming to be interested in integrating with the protocol.

The group continued to engage contributors in person at multiple industry events over the following six months. “It is now understood that this appears to be a targeted approach, where individuals from this group continued to deliberately seek out and engage specific Drift contributors,” Drift said.

“They were technically fluent, had verifiable professional backgrounds, and were familiar with how Drift operated,” Drift said.

After gaining trust and access to Drift Protocol over six months, they used shared malicious links and tools to compromise contributors’ devices, execute the exploit, and then wiped their presence immediately after the attack.

The incident serves as a reminder for crypto industry participants to remain cautious and skeptical, even during in-person interactions, as crypto conferences can be prime targets for sophisticated threat actors.

Drift said, with “medium-high confidence,” that the exploit was carried out by the same actors behind the October 2024 Radiant Capital hack.

In December 2024, Radiant Capital said the exploit was carried out through malware sent via Telegram from a North Korea-aligned hacker posing as an ex-contractor. 

“This ZIP file, when shared for feedback among other developers, ultimately delivered malware that facilitated the subsequent intrusion,” Radiant Capital said.

Drift said it is “important to note” that the individuals who appeared in person “were not North Korean nationals.”

Related: Naoris launches post-quantum blockchain as quantum security risks gain attention

“DPRK threat actors operating at this level are known to deploy third-party intermediaries to conduct face-to-face relationship-building,” Drift said.

Drift said that it is working with law enforcement and others in the crypto industry to “build a complete picture of what happened during the April 1st attack.”

Magazine: Bitcoin 85% crashes ‘done,’ CLARITY Act speculation mounts: Hodler’s Digest, Mar. 29 – April 4

Source: CoinTelegraph


最近公開された他の記事

The most popular bitcoin call option has slipped by $10,000
The most popular bitcoin call option has slipped by $10,000

Bitcoin

Your day-ahead look for July 18, 2026Source: CoinDesk...

Hyperion DeFi to deploy 500K HYPE for Hyperliquid HIP-3 markets
Hyperion DeFi to deploy 500K HYPE for Hyperliquid HIP-3 markets

DeFi

The deal gives Hyperion an equity stake in Skew and a share of listing-service revenue as it expands...

Robinhood Chain memecoin launchpad Vlad.fun halts after ‘internal integrity’ issue
Robinhood Chain memecoin launchpad Vlad.fun halts after ‘internal integrity’ issue

Meme Coins

Vlad.fun suspended its platform after discovering a “serious internal integrity issue” involving...

Bitcoin $107K buyers providing ‘early signals’ of 2026 bear-market bottom: Glassnode
Bitcoin $107K buyers providing ‘early signals’ of 2026 bear-market bottom: Glassnode

Bitcoin

Bitcoin realized losses appeared to be copying a reversal structure that marked previous bear-market...

Tether invests $20M into Argentine neobank Ualá
Tether invests $20M into Argentine neobank Ualá

Crypto Market Analysis

Tether reportedly invested $20 million into Ualá, as part of the Argentine neobank’s $197 million...

US Senate unanimously adopts resolution opposing clemency for SBF
US Senate unanimously adopts resolution opposing clemency for SBF

Crypto Market Analysis

The Senate approved a resolution opposing clemency for former FTX CEO Sam Bankman-Fried as predictio...