Elliptic: Drift attack incident suspected to be carried out by North Korean hackers

ME News report, April 2 (UTC+8). Blockchain analytics firm Elliptic said the Drift Protocol was hit by an attack that resulted in a loss of $285 million, and that “multiple signs” point to DPRK hacker groups supported by North Korea. Elliptic focused on analyzing on-chain activity, money-laundering methods, and network-layer signals, all of which matched earlier state-linked attacks. The Elliptic report said: “If confirmed, this would be the 18th DPRK attack action Elliptic has tracked this year, with more than $300 million stolen so far.” From a technical perspective, Elliptic described the attack as “premeditated and meticulously planned,” with early test transactions and pre-deployed wallets carried out before the main attack. After the attack was executed, the funds were quickly consolidated and transferred across chains, converted into assets with higher liquidity, forming an organized and repeatable money-laundering process designed to obscure the source of funds while maintaining control. The incident involved more than ten types of assets. Funds were transferred from Solana to Ethereum and other chains via cross-chain transfers, further highlighting the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and its token has fallen by more than 40% to about $0.06 since the hack. (Source: ChainCatcher)