Elliptic: Drift attack suspected to be carried out by North Korean hackers

ME News, April 2 (UTC+8), blockchain analytics firm Elliptic said that the Drift Protocol suffered an attack resulting in losses of $285 million, with “multiple indicators” pointing to DPRK hacker groups supported by North Korea. Elliptic focused its analysis on on-chain activity, money-laundering methods, and network-layer signals, all of which match prior state-linked attacks. In its report, Elliptic said: “If confirmed, this would be the 18th DPRK attack campaign Elliptic has tracked this year, with more than $300 million stolen to date.” On the technical side, Elliptic characterized the attack as “premeditated and carefully planned,” with early test transactions and pre-positioned wallets already in place before the main attack. After the attack was carried out, the funds were quickly consolidated and transferred across chains, converted into higher-liquidity assets, forming a structured, repeatable money-laundering process designed to obscure the source of funds while maintaining control. The incident involved more than ten asset types; funds were transferred across chains from Solana to Ethereum and other networks, further highlighting the importance of cross-chain tracing capabilities. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain. Since the token was hacked, it has fallen by more than 40% to about $0.06. (Source: ChainCatcher)