What are the important details about North Korean Hackers Stole $285M from DRIFT?

North Korean hackers stole 577M$ from DRIFT and Kelp DAO, 76% of the year's hacks. TRM Labs report details: Social engineering, nonce exploit. DRIFT delisted from Upbit/Bithumb. North Korea's share br You can read the full article for more information.

What is the current status of DRIFT coin?

Current analysis and evaluations on DRIFT are covered in detail in our article. You can review the article for technical analysis, price movements and future expectations.

How can I follow the latest cryptocurrency news on COINOTAG?

COINOTAG provides the latest news, analysis and market data in the cryptocurrency world. You can instantly follow all developments by visiting our homepage or subscribing to our notifications.

North Korean Hackers Stole $285M from DRIFT

North Korea-linked hackers seized 76% of the crypto sector's hack losses this year with just two precise operations in April; attacks on DRIFT detailed analysis Protocol for $285 million and Kelp DAO for $292 million caused a total damage of $577 million. According to TRM Labs' new report, these two incidents account for only 3% of all recorded cases. The attackers carried out the sector's biggest heists by targeting decentralized finance platforms. The report calculates that North Korean hackers have stolen over $6 billion in crypto assets since 2017. This data clarifies Pyongyang's dominance in crypto theft.

Technical Details of the DRIFT Protocol Hack

The Drift Protocol breach stood out with a patient social engineering campaign; on-chain preparations began on March 11, and there were months-long face-to-face meetings between North Korean proxies and Drift employees. The attackers used Solana's durable nonce feature to execute 31 pre-signed withdrawals in about 12 minutes; real assets like USDC and JLP were drained. The stolen funds were quickly transferred to Ethereum and remained dormant. After this hack, the DRIFT futures market experienced volatility.

Total Stolen: $577 million (76% of the year's hacks)
DRIFT Loss: $285 million (Solana-based, nonce manipulation)
Kelp DAO: $292 million (RPC node takeover, rsETH drain)

DRIFT Delisting Developments and North Korea Threat

Breaking news: $DRIFT has been delisted from Upbit and Bithumb exchanges; post-hack loss of trust was a key factor. In the Kelp DAO case, internal RPC nodes were taken over, and external nodes were directed to poisoned data via DDoS on bridges; 116,500 rsETH was drained despite no burn occurring on the source chain. While the Arbitrum Security Council froze funds, the remaining ETHs were converted to BTC via THORChain. North Korea's hack share hit a record 76% in April 2026; attackers who have been sharpening their tools with AI since 2020 are challenging defense strategies.

Frequently Asked Questions About the DRIFT Hack

Why was DRIFT hacked? Through social engineering and Solana nonce exploit.
How much have North Korean hackers stolen? Over $6 billion+ since 2017, 76% share in 2026.
What does DRIFT delisting mean? Loss of trust creates price pressure.

Crypto Research Analyst: Michael Roberts

Blockchain technology and DeFi focused

This analysis is not investment advice. Do your own research.

North Korean Hackers Stole $285M from DRIFT

Contents

Contents

Technical Details of the DRIFT Protocol Hack

DRIFT Delisting Developments and North Korea Threat

Frequently Asked Questions About the DRIFT Hack

Michael Roberts

Comments

Other Articles

North Korean Hackers Stole 577M$ from DRIFT and Kelp

North Korean Hackers Hit DRIFT and KelpDAO: 577M$

WisdomTree $152 Billion AUM in Q1 | ETH Tokenization