Decentralized finance platform Drift confirmed that $280 million was withdrawn during a sophisticated security incident that involved a rapid takeover of its security council administrative powers and the execution of pre-signed transactions. Drift says deposits in borrow and lend features, vaults, and trading were affected and that the breach—attributed by Elliptic and other researchers to DPRK-linked hackers—appears to have used staged preparation, social engineering, and compromised approvals; the company is coordinating with security firms, exchanges, bridges, and law enforcement while preparing a fuller report #Drift #DPRK
Keypoints
- $280 million was stolen from Drift in the incident.
- Attackers rapidly took over security council admin powers using pre-signed transactions and social engineering.
- Funds in borrow and lend features, vault deposits, and trading deposits were affected; Drift denies smart contract bugs.
- Elliptic and other researchers linked the exploit to DPRK-associated hackers, noting similarities to past Bybit and other incidents.
- Drift is working with security firms, bridges, exchanges, and law enforcement and will publish a comprehensive post-incident report.
Read More: https://therecord.media/drift-crypto-confirms-280-million-stolen-north-korea