Elliptic: Drift attack suspected to be carried out by North Korean hackers

ME News update. On April 2 (UTC+8), blockchain analytics firm Elliptic reported that the Drift Protocol was attacked, resulting in losses of $285 million, and that “multiple indicators” point to a DPRK hacker group supported by North Korea. Elliptic focused on on-chain activity, money-laundering methods, and network-level signals, all of which matched previous government-linked attacks. Elliptic’s report stated: “If confirmed, this will be the 18th DPRK attack operation tracked by Elliptic this year, with more than $300 million stolen to date.” Technically, Elliptic described the attack as “premeditated and carefully staged,” with early test transactions and pre-arranged wallets preceding the main attack. After the attack, the funds were rapidly consolidated and transferred across chains, converted into assets with higher liquidity, forming an organized, repeatable money-laundering process designed to obscure the source of funds while maintaining control. The incident involved over ten asset types, with funds transferred across chains from Solana to Ethereum and other blockchains, further emphasizing the importance of cross-chain tracing capabilities. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain. Since the attack, its token has fallen more than 40% to approximately $0.06. (Source: ChainCatcher)