Elliptic: Drift attack incident suspected to be carried out by North Korean hackers

ME News Report, April 2 (UTC+8): Blockchain analytics firm Elliptic said the Drift Protocol was attacked, resulting in a loss of $285 million. “Multiple signs” point to a North Korea-backed DPRK hacker organization. Elliptic focused on analyzing on-chain behavior, money-laundering methods, and network-level signals—all of which match previously attributed state-linked attacks. The Elliptic report said: “If confirmed, this would be the 18th DPRK attack operation Elliptic has tracked this year, with more than $300 million stolen so far.” On the technical side, Elliptic described the attack as “premeditated and meticulously planned.” There were early test transactions and pre-positioned wallets before the main attack. After the attack was carried out, the funds were quickly consolidated and transferred across chains, then converted into more liquid assets, forming an organized, repeatable money-laundering process intended to obscure the source of funds while maintaining control. The incident involved more than ten types of assets. Funds were transferred across chains from Solana to Ethereum and other chains, further highlighting the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and since the hack, its token has fallen by more than 40% to approximately $0.06. (Source: ChainCatcher)