Sources
Drift Protocol $285M Exploit: North Korean Actors Staged 6-Month Social Engineering Operation
TRM Labs attributed the April 1 Drift Protocol exploit — $285M drained from Solana's largest perpetual futures DEX in 12 minutes — to North Korean state-sponsored hackers who staged a 6-month social engineering operation. The attackers manufactured a fictitious token (CarbonVote) with seeded liquidity and wash trading that Drift's oracles treated as legitimate collateral worth hundreds of millions. This is the largest DeFi hack of 2026 and second-largest in Solana history behind only the $326M Wormhole bridge hack.
↳ Follow the thread