Drift Protocol Relaunches After $285 Million Cyberattack by North Korean Hackers

Severity: High (Score: 77.0)

Sources: Uk.Finance.Yahoo, Pymnts, Thedefiant, tether.io, www.drift.trade

Summary

Drift Protocol, a decentralized finance platform, suffered a significant exploit on April 1, 2026, resulting in the theft of approximately $285 million in cryptocurrency. The attack was attributed to a North Korean state-affiliated group and involved a sophisticated social engineering scheme. Following the incident, Drift has secured up to $150 million in funding from Tether, transitioning its settlement layer from USDC to USDT. The recovery plan aims to restore user balances over time as exchange revenues grow. Drift has partnered with law enforcement and blockchain forensics to track and recover stolen assets. The protocol is undergoing a full reboot, with independent audits required before relaunch. The Insurance Fund remains unaffected, ensuring depositors' assets are intact. Drift's user base includes over 128,000 users, and the platform is expected to relaunch soon. Key Points: • Drift Protocol lost approximately $285 million due to a cyberattack linked to North Korean hackers. • Tether is providing up to $150 million to support Drift's recovery and relaunch efforts. • Drift is transitioning from USDC to USDT as its primary settlement asset to enhance security.

Key Entities

• Data Breach (attack_type)
• Drift (campaign)
• Drift Protocol (company)
• Ethereum (company)
• North Korea (country)
• Financial (industry)
• Solana (platform)
• TRON (platform)