Elliptic: Drift attack incident suspected to be carried out by North Korean hackers

ME News message: On April 2 (UTC+8), blockchain analytics firm Elliptic stated that the Drift Protocol suffered an attack resulting in a loss of $285 million, with “multiple signs” pointing to DPRK hacker groups backed by North Korea. Elliptic focused on analyzing on-chain behavior, money-laundering techniques, and network-layer signals, all of which matched earlier attacks linked to states. Elliptic’s report said: “If confirmed, this would be the 18th DPRK attack action Elliptic has tracked this year, with more than $300 million stolen so far.” On the technical side, Elliptic described the attack as “premeditated and meticulously planned,” noting that before the main attack there were early test transactions and pre-deployed wallets. After the attack was carried out, the funds were quickly consolidated and transferred via cross-chain transfers, converted into assets with higher liquidity, forming a set of organized, repeatable money-laundering procedures designed to both obscure the source of funds and maintain control. The incident involved more than ten types of assets. Funds were transferred from Solana via cross-chain routes to Ethereum and other chains, further underscoring the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and its token has fallen by more than 40% to about $0.06 since the hack. (Source: ChainCatcher)