Elliptic: Drift attack incident suspected to be carried out by North Korean hacker group

ME News Report, April 2 (UTC+8), blockchain analytics firm Elliptic stated that the Drift Protocol attack led to losses of $285 million, with “multiple signs” pointing to a DPRK hacker organization supported by North Korea. Elliptic focused on analyzing on-chain behavior, money laundering methods, and network-layer signals, all of which matched prior attacks attributed to the state. The Elliptic report said: “If confirmed, this would be the 18th DPRK attack action Elliptic has tracked this year, with more than $300 million stolen to date.” On the technical side, Elliptic described the attack as “premeditated and carefully orchestrated,” noting that before the main attack, there were early test transactions and pre-deployed wallets. After the attack was carried out, the funds were quickly consolidated and transferred across chains, converted into more liquid assets, forming a structured and repeatable money laundering process designed to both obscure the source of funds and maintain control. The incident involved more than 10 types of assets; the funds were transferred cross-chain from Solana to Ethereum and other chains, further underscoring the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and its token has fallen by more than 40% to approximately $0.06 since the hack. (Source: ChainCatcher)