North Koreans hackers likely behind $286 million Drift Protocol exploit: Elliptic
North Korean hackers are likely responsible for the $286 million exploit of Drift Protocol, according to blockchain analytics firm Elliptic. The attack targeted the Solana-based decentralized perpetual futures exchange, marking one of the largest cryptocurrency thefts of 2026. Elliptic's investigation traced the stolen funds through various blockchain addresses and identified patterns consistent with previous North Korean hacking operations.
The exploit represents the latest in a series of sophisticated attacks attributed to North Korean cybercriminal groups, which have increasingly targeted decentralized finance protocols to circumvent international sanctions. These state-sponsored hacking units, including the notorious Lazarus Group, have stolen billions of dollars in cryptocurrency over recent years to fund the regime's operations. Drift Protocol, which allows users to trade perpetual futures contracts on Solana, had gained significant traction in the DeFi space before the attack.
The massive theft has sent shockwaves through the decentralized finance sector, raising fresh concerns about security vulnerabilities in DeFi protocols. The incident could prompt increased regulatory scrutiny of the space and may lead to enhanced security measures across similar platforms. Trading volumes on Solana-based DeFi protocols have already shown signs of decline as investors reassess risk exposure.
Industry observers will closely monitor how Drift Protocol responds to the exploit and whether any of the stolen funds can be recovered through collaboration with law enforcement agencies.
Source: CoinDesk
