Security breach Score 85 Bearish

Drift Protocol $280M Exploit Traced to Months-Long Deception Scheme

Apr 05, 2026 07:00 UTC
BTC-USD, ETH-USD, ^VIX
Immediate term

Drift Protocol has identified the recent $280 million exploit as a six-month-long, coordinated attack by actors previously linked to the 2024 Radiant Capital hack. The attackers, posing as a legitimate trading firm, gained trust through in-person interactions at crypto conferences before executing the breach.

  • Drift Protocol suffered a $280 million exploit following a six-month-long intelligence operation.
  • Attackers posed as a quantitative trading firm and engaged Drift contributors at a major crypto conference in October 2025.
  • The same group is believed to be responsible for the 2024 Radiant Capital hack.
  • The attackers used shared malicious links and tools to compromise devices and executed the exploit.
  • Drift confirmed that the individuals involved were not North Korean nationals, despite similarities to past DPRK tactics.
  • The incident underscores the need for heightened caution in in-person interactions at crypto conferences.

Drift Protocol, a decentralized cryptocurrency exchange (DEX), has revealed that the recent $280 million exploit was the result of a six-month-long, highly coordinated intelligence operation. The attackers, who are believed to be the same group responsible for the $58 million Radiant Capital hack in October 2024, used a sophisticated strategy to infiltrate the platform.

Preliminary investigations indicate that the malicious actors posed as a quantitative trading firm and engaged Drift contributors at a major crypto conference in October 2025. Over the following months, they maintained in-person interactions at multiple industry events, building trust and access to the protocol. Drift stated that the group was technically fluent, had verifiable professional backgrounds, and demonstrated a deep understanding of the platform’s operations. After establishing credibility, the attackers used shared malicious links and tools to compromise contributors’ devices, execute the exploit, and then erased their digital footprint.

The incident highlights the growing sophistication of cyber threats in the DeFi sector, particularly the use of in-person engagement at conferences as a vector for deception. Drift emphasized that the individuals involved in the attack were not North Korean nationals, despite similarities to tactics used by North Korea-aligned hackers in the past. The DEX is collaborating with law enforcement and industry partners to investigate the breach further and understand the full scope of the attack. The breach has raised concerns about the security of DeFi platforms and the potential for similar attacks in the future, especially as threat actors continue to refine their methods of infiltration and deception.
