Articles
Crypto Market Analysis

Crypto attorney says Drift incident may qualify as 'civil negligence'

User Image

โดย ไม่ระบุชื่อ

สร้างแล้ว April 06, 2026|อ่านใน 2 นาที
Main Image

The $280 million Drift Protocol attack was likely carried out by threat actors aligned with North Korea state-affiliated hackers.

The hack of the Solana-based decentralized finance (DeFi) platform Drift Protocol could have been prevented if standard operational security procedures were followed by the Drift team, and may constitute “civil negligence,” according to attorney Ariel Givner.

“In plain terms, civil negligence means they failed their basic duty to protect the money they were managing,” Givner said in response to the post-mortem update provided by the Drift team and how it handled Wednesday’s $280 million exploit.

The Drift team failed to follow “basic” security procedures, including keeping signing keys on separate, “air-gapped” systems that are never used for developer work, and conducting due diligence on blockchain developers met through industry conferences.

“Every serious project knows this. Drift didn’t follow it,” she said, adding, “They knew crypto is full of hackers, especially North Korean state teams.” Givner continued: 

Advertisements for class action lawsuits against Drift Protocol are already circulating, she said. Cointelegraph reached out to the Drift Team but did not receive a response by the time of publication.

The incident is a reminder that social engineering and project infiltration by malicious actors are major attack vectors for cryptocurrency developers that could drain user funds and permanently erode customer trust in compromised platforms.

Related: Drift explains $280M exploit as critics question Circle over USDC freeze

The Drift Protocol team published an update on Saturday outlining how the exploit occurred and claimed that the attackers planned the attack for six months before execution.

Threat actors first approached the Drift team at a “major” crypto industry conference in October 2025, expressing interest in protocol integrations and collaboration.

The malicious actors continued to build rapport with the Drift development team in the ensuing six months, and once enough trust was built, they began sending the Drift team malicious links and embedding malware that compromised developer machines.These individuals, who are suspected of working for North Korea state-affiliated hackers and physically approached the Drift developers, were not North Korean nationals, according to the Drift team.

Drift said, with “medium-high confidence,” that the exploit was carried out by the same actors behind the October 2024 Radiant Capital hack.

In December 2024, Radiant Capital said the exploit was carried out through malware sent via Telegram from a North Korea-aligned hacker posing as an ex-contractor. 

Magazine: Meet the hackers who can help get your crypto life savings back

Source: CoinTelegraph


บทความอื่นๆที่เผยแพร่เมื่อเร็วๆนี้

President Trump expected to meet with senators to work on ethics concerns in crypto bill
President Trump expected to meet with senators to work on ethics concerns in crypto bill

Crypto Market Analysis

The most contentious piece of the crypto market structure bill is unresolved in the final weeks of S...

Crypto Long & Short: To ETH or not to ETH — is SOL the better diversifier?
Crypto Long & Short: To ETH or not to ETH — is SOL the better diversifier?

Solana

In this week's, Morgan Stanley’s Denny Galindo writes that as the crypto market expands, solana ha...

The privacy paradox of protecting kids online
The privacy paradox of protecting kids online

Crypto Market Analysis

We don’t need to imagine the privacy pitfalls of age verification. They’ve been happening for ye...

Ostium suffers $18 million exploit as oracle attack wave continues to hit DeFi
Ostium suffers $18 million exploit as oracle attack wave continues to hit DeFi

DeFi

A hacker used Ostium's own price-reporting infrastructure against the protocol, submitting falsified...

Coinbase's Jesse Pollak steps back from Base app leadership after admitting his crypto social strategy failed
Coinbase's Jesse Pollak steps back from Base app leadership after admitting his crypto social strategy failed

Base

Pollak said that Jordan Fish, also known on X as 'Cobie,' will lead the Base app team.Source: CoinDe...

US Senator blasts AG pick for ‘dismantling’ crypto unit, Trump’s CZ pardon
US Senator blasts AG pick for ‘dismantling’ crypto unit, Trump’s CZ pardon

Crypto Market Analysis

President Donald Trump’s pick for US Attorney General faced criticism from members of the Senate J...