North Korean Hackers Drain $285 Million From Drift DeFi Platform in 10 Seconds
North Korean threat actors executed a highly sophisticated attack on decentralized finance platform Drift, stealing approximately $285 million in just 10 seconds by exploiting a fake collateral market and bypassing the protocol's safety systems.
Key Points
- Attack stole $285-286 million from Drift DeFi platform in just 10 seconds
- North Korean threat actors used pre-positioned infrastructure set up 8 days prior
- Hackers created fake collateral market using worthless CVT token minted 20 days earlier
- Safety system was disabled 25 seconds before the heist using compromised admin key
- Funds were immediately laundered through multiple wallets after extraction
Full Details
According to blockchain security firm Elliptic, North Korean threat actors executed one of the most precise DeFi heists to date, draining $285-286 million from Drift protocol in a mere 10 seconds. The attackers pre-positioned infrastructure approximately eight days before the heist, prepared multiple nonce-based transactions, and gained admin control of the platform. Twenty seconds before the attack, they used the compromised admin key to create a fake collateral market for CVT, a worthless token they had minted 20 days earlier. This allowed them to disable Drift's safety system designed to prevent massive, rapid asset drains. The hackers then drained funds from five vaults within seconds and immediately began laundering the proceeds through multiple wallets. This attack represents one of the largest cryptocurrency thefts in recent years and demonstrates the increasing sophistication of state-sponsored cybercriminal groups targeting DeFi platforms.
Why It Matters
This attack demonstrates the evolving sophistication of state-sponsored threat actors in targeting DeFi protocols, highlighting the critical need for enhanced security measures including time-locked admin controls, multi-signature requirements for protocol changes, and more rigorous validation of collateral assets.
Get stories like this delivered daily
AI-curated news, personalized to your interests. Zero noise.
Start 7-Day Free Trial →More in Global News
India to Participate in UK-Led Initiative to Reopen Strait of Hormuz
India's Ministry of External Affairs announced on April 2, 2026 that the country will join a UK-led initiative to explore ways to reopen the Strait of Hormuz, with India's top diplomat Vikram Misri representing the country in the first round of talks.
Oil surges and stocks fall as Trump Iran war speech fails to calm nerves
Oil prices surged and stocks fell following Trump's Iran war speech, as more than 2,000 people including women and children have been killed in Iran since joint US-Israeli strikes began a month ago, according to the Iranian Red Crescent.
Musicians' Union Defends Bruce Springsteen After Trump Calls for Boycott
The American Federation of Musicians has publicly defended Bruce Springsteen after President Trump called for a boycott of his concerts following the rocker's criticisms of the White House.
Artemis II Launch Marks High-Stakes US-China Space Race for Lunar Dominance
The Artemis II mission is not just a scientific achievement but part of a high-stakes space race between the United States and China, with both nations competing to establish dominance in lunar exploration.