- Attackers drained roughly US$280 million from Drift Protocol on April 1, exploiting Solana’s sturdy nonce function to pre-sign malicious transactions weeks prematurely and seize safety council management.
- Three protocol vaults have been emptied, together with roughly 41.7 million JLP tokens value roughly US$155 million, earlier than stolen funds have been quickly swapped to USDC and bridged to Ethereum.
- Blockchain analytics agency Elliptic recognized a number of on-chain indicators in line with North Korean state tradecraft.
Drift Protocol, Solana’s largest decentralised perpetual futures change, misplaced roughly US$280 million (AU$400 million) on April 1 after attackers exploited a novel Solana function to pre-approve malicious admin transactions weeks prematurely, seizing safety council management and draining three protocol vaults.
Blockchain analytics agency Elliptic flagged the operation as a suspected North Korean state assault.
Drift Protocol held roughly US$550 million (AU$843 million) in complete worth locked (TVL) earlier than the assault. That determine collapsed to below US$250 million (AU$383 million) inside hours of the exploit.
As collateral, SOL’s spot value dropped roughly 9% to roughly US$78.60 (AU$120.40), marking the second-largest Solana exploit on document after the Wormhole bridge assault of 2022, which drained US$326 million (AU$499 million).
Learn extra: Bitrefill Hack Exposes Wallets and Gift Card Systems as North Korean Links Emerge
Not An April Fools’ Joke
Crypto Information Australia reported how Drift acknowledged the breach in actual time.
We’re observing uncommon exercise on the protocol. We’re at the moment investigating. Please don’t deposit funds into the protocol whereas we examine. This isn’t an April Fools joke.
Blockchain analytics agency Elliptic attributed the assault to North Korean-linked actors, citing transaction patterns, laundering strategies, and community signatures in line with prior operations.
The agency estimated complete losses at US$286 million (AU$415 million) and stated the incident was the 18th suspected DPRK-linked crypto assault in 2026. 12 months-to-date, such teams have stolen greater than US$300 million (AU$435 million).
North Korean-linked actors stole about US$2 billion (AU$2.9 billion) in crypto in 2025, representing roughly 60% of world theft that 12 months. Throughout all recorded operations, cumulative losses exceed US$6.5 billion (AU$9.43 billion), funds the U.S. authorities has linked to weapons improvement applications.
The Drift exploit is among the largest decentralised finance breaches to this point, following the US$1.5 billion (AU$2.18 billion) Bybit hack in 2025.
Associated: Man Charged in Crypto Exchange Hacks Faces Up to 30 Years
The submit $280M Drift Hack Linked to Suspected North Korean Attack Using Novel Solana Exploit appeared first on Crypto News Australia.