Over the weekend, the team behind Drift, a Solana-based crypto protocol for perpetual futures trading, provided a comprehensive update on the massive April 1 hack that drained $285 million. The incident has been attributed to a sophisticated six-month intelligence operation run by the North Korean state-sponsored hacker group UNC4736. The attack began in fall 2025 with attackers posing as a quantitative trading firm, building relationships through in-person meetings at major crypto conferences across multiple countries. The breach involved devices compromised through malicious TestFlight apps and VSCode vulnerabilities, ultimately leading to the largest crypto exploit of 2026. Some observers are criticizing the Drift team for security lapses, including allowing unvetted apps on hardware tied to multi-signature access and a lack of strict compartmentalization between development environments and signing keys.