Elliptic: Drift attack incident suspected to be carried out by North Korean hackers

ME News report. On April 2 (UTC+8), blockchain analytics firm Elliptic said that Drift Protocol suffered a loss of $285 million due to an attack, and that “multiple signs” point to a DPRK hacker organization supported by North Korea. Elliptic focused on analyzing on-chain behavior, money-laundering techniques, and network-layer signals, all of which match previously attributed state-linked attacks. The Elliptic report stated: “If confirmed, this would be the 18th DPRK attack action tracked by Elliptic this year; to date, more than $300 million has been stolen.” Technically, Elliptic described the attack as “premeditated and carefully orchestrated,” with early test transactions and pre-deployed wallets already in place before the main attack. After the attack was carried out, the funds were quickly consolidated and transferred via cross-chain transfers, converted into assets with higher liquidity, forming a set of organized, repeatable money-laundering processes intended to obscure the source of funds while retaining control. The incident involved more than ten types of assets. Funds were transferred from Solana via cross-chain routes to Ethereum and other chains, further highlighting the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and its token has fallen by more than 40% to about $0.06 since the hack. (Source: ChainCatcher)