Get the latest crypto news, updates, and reports by subscribing to our free newsletter.
Giấy phép số 4978/GP-TTĐT do Sở Thông tin và Truyền thông Hà Nội cấp ngày 14 tháng 10 năm 2019 / Giấy phép SĐ, BS GP ICP số 2107/GP-TTĐT do Sở TTTT Hà Nội cấp ngày 13/7/2022.
© 2026 Index.vn
REAL Shows Network (RSN) is a national TV network for top real estate professionals and influential local leaders, giving select hosts in each market the exclusive opportunity to lead a full 30-minute show showcasing their expertise, partners, and community. Created by an Emmy-nominated, Telly Award-winning production team, RSN delivers cinematic,…
Attackers drained approximately $285 million from Drift Protocol, described as the largest decentralized perpetual futures exchange on Solana, on April 1. The attackers emptied its vaults in roughly 12 minutes and bridged most of the stolen funds to Ethereum within hours. Blockchain analytics firms Elliptic and TRM Labs said the incident showed “multiple indicators” consistent with involvement by North Korea’s state-sponsored hacking apparatus.
The operation did not start on April 1. Between March 23 and 30, the attacker obtained 2/5 multisig approvals from Drift’s Security Council members, pre-signing malicious transactions that remained dormant until execution day.
The attacker also created a fictitious token, CarbonVote, seeded with minimal liquidity and fake trading volume. By manipulating Drift’s oracles into treating the token as legitimate collateral, the attacker generated hundreds of millions in “phantom credit,” enabling them to drain the protocol’s real assets.
The hack wiped out more than half of Drift’s total value locked. Total value locked fell from approximately $550 million to under $250 million. The DRIFT token price dropped from above 7 cents to roughly 4 cents before a partial recovery.
Elliptic and TRM Labs’ assessment places the attack as the second-largest exploit in Solana’s history, behind only the $326 million Wormhole bridge hack in 2022.
The incident also cascaded across more than 20 downstream protocols, including vaults, lending integrations, and yield products that had built on Drift as a dependency.
Omer Goldberg, founder and CEO of risk infrastructure firm Chaos Labs, told Unchained that the operation differed from many typical DeFi exploits. He said it was “methodical and strategic,” adding that the North Korea fingerprint was visible in the tradecraft. Goldberg said the attackers “literally controlled the protocol in that moment,” rather than merely using deceptive key signing to move funds.
If the DPRK attribution holds, Elliptic said it would be the eighteenth North Korea-linked crypto theft it has tracked in 2026, bringing the regime’s total haul for the year past $300 million. The U.S. government has previously linked stolen crypto proceeds to Pyongyang’s weapons programs.
In brief\n\nBitcoin dropped to about $93,000, falling back below the EMA50 and putting its recent golden cross at risk of invalidation. The global crypto market cap stands at $3.15 trillion, down 2.38% in 24 hours. On Myriad Markets, 82% of the money is betting on Bitcoin pumping to $100K before…
