Your signal. Your price.
The $285 million Drift Protocol hack involved North Korean proxies meeting protocol developers at conferences over months to gain access, representing a shift from technical attacks to social engineering at scale.
Solana-based DeFi protocol Carrot announced its permanent shutdown due to contagion from the $285 million Drift exploit, becoming one of the first casualties of a highly coordinated attack in early April.
Over $600 million has been stolen from ten different DeFi protocols in the last two weeks, with notable hacks including Drift Protocol ($285M) by North Korean hackers and fake token pool exploits on Ray Finance ($18M).
Circle faces a class action lawsuit from Drift Protocol investors who lost $285 million in an April 1 exploit, accusing the firm of failing to freeze stolen USDC during an eight-hour cross-chain transfer window.
Tether committed up to $127.5 million and other partners $20 million to help recover funds from the Drift Protocol hack, with CEO Paolo Arduino positioning Tether as more responsive than Circle.
Drift Protocol plans to relaunch with USDT as its settlement layer after securing a proposed $147.5 million funding package following a North Korean-linked exploit.
Jeremy Allaire defended Circle's decision not to freeze USDC in the Drift exploit, citing legal obligation and moral quandary unless law enforcement directs action.
The $285 million exploit on Solana-based DeFi platform Drift Protocol was attributed to a six-month North Korean state intelligence operation that used fabricated identities and malicious developer tools to compromise contributors.
Drift protocol's exploit resulted in approximately $280 million being drained, a significant increase from initial reports of $200 million, reports ZachXBT and Danny Park.
The highly sophisticated attack on Drift protocol involved weeks of preparation and a novel method using durable nonces to gain unauthorized multi-sig access.
The attacker introduced a malicious asset and eliminated withdrawal limits to drain funds, which included JLP, SOL, USDC, CBBTC, and wrapped Bitcoin.
Drift Protocol, a Solana perp Dex, suffered a $285 million exploit on April 1st, after an attacker social-engineered two of five multi-sig signers.
The Drift attacker minted and wash-traded a fake token for days to create perceived legitimacy, then used admin control to add it as collateral and withdraw other assets.
Hayden Adams (Uniswap) criticized Drift's admin setup, arguing that protocols with central keys capable of draining funds should not be called 'DeFi,' as it blurs the definition.
The Solana-based Drift protocol was exploited, with losses estimated between $200 million and $270 million.
One transfer in the Drift exploit involved 41.7 million JLP tokens worth about $155 million.
The Drift exploit attacker began swapping stolen assets into USDC using Jupiter and bridging to Ethereum to buy ETH.
Drift Protocol had total value locked above $550 million before the exploit.