Elliptic: Drift attack incident suspected to be carried out by North Korean hacker group

ME News message: On April 2 (UTC+8), blockchain analytics firm Elliptic said the Drift Protocol was attacked, resulting in losses of $285 million. “Multiple signs” point to DPRK hacker groups supported by North Korea. Elliptic focused on analyzing on-chain behavior, money-laundering methods, and signals at the network layer, all of which match previous state-linked attacks. The Elliptic report said: “If confirmed, this will be the 18th DPRK attack action Elliptic has tracked this year, with more than $300 million stolen so far.” On the technical side, Elliptic described the attack as “premeditated and meticulously planned,” with early test transactions and pre-deployed wallets set up before the main attack. After the attack was carried out, the funds were quickly consolidated and transferred across chains, converted into assets with higher liquidity, forming a set of organized, repeatable money-laundering steps designed to obscure the source of funds while keeping control. The incident involved more than ten asset types. Funds were transferred cross-chain from Solana to Ethereum and other chains, further highlighting the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and its token has fallen by more than 40% to about $0.06 since the hack. (Source: ChainCatcher)