The decentralized finance sector has been rocked by one of the most sophisticated attacks in DeFi history, as Drift Protocol on Solana lost approximately $286 million in a 12-minute exploit that leveraged social engineering and legitimate blockchain features. The attack methodology represents a new evolution in DeFi exploitation tactics, moving beyond simple code vulnerabilities to target human elements within protocol governance structures.
Security firms Elliptic and TRM Labs have attributed the attack to North Korea-linked threat actors, citing deployment signatures matching Pyongyang timezone patterns and laundering techniques consistent with the Lazarus Group's previous operations, according to Bitcoin.com. The attackers spent months building trust with Drift's security council members by impersonating a legitimate quantitative trading firm, demonstrating the increasing sophistication of state-sponsored crypto theft operations targeting institutional-grade DeFi infrastructure.
