
Attackers spent six months embedding themselves in the protocol before executing the breach. Drift is now working with law enforcement to trace assets and harden defenses.
Decentralized exchange Drift Protocol has disclosed that the $270 million exploit it suffered was the result of a sophisticated, six-month intelligence operation conducted by North Korean actors. According to the platform’s security investigation, the attackers spent half a year embedding themselves into the project’s network, meticulously planning the breach before executing the theft.
The findings point to a highly coordinated effort, characteristic of state-sponsored cyber warfare rather than a typical opportunistic exploit. Drift officials confirmed that the attackers used advanced social engineering and persistent access techniques to bypass existing security measures over the extended duration of their infiltration. This revelation highlights the growing trend of North Korean-linked cyber groups targeting decentralized finance (DeFi) infrastructure to generate revenue, often bypassing international sanctions in the process.
Drift noted that the complexity of the operation allowed the perpetrators to remain undetected while they mapped out the protocol’s vulnerabilities. The exchange is currently working with security firms and law enforcement agencies to trace the stolen assets and strengthen system defenses against future state-sponsored threats. No further details regarding the recovery of the funds were immediately available, though the investigation into the specific technical vectors used by the North Korean operatives remains ongoing.