North Korean Hackers Execute Major Social Engineering Attack on Drift Protocol

Severity: High (Score: 71.9)

Sources: Bitget, Chaincatcher

Summary

North Korean hackers conducted extensive offline infiltration with employees of Drift Protocol over several months before executing a significant social engineering attack. This attack has resulted in losses estimated at approximately $285 million, marking it as one of the largest in the cryptocurrency sector's history. According to TRM Labs, North Korean hackers have been responsible for 76% of all cryptocurrency hacking losses in 2026 to date. The attack highlights the ongoing threat posed by state-sponsored cyber operations targeting the cryptocurrency industry. The specific methods and tools used in this attack have not been detailed in the articles. The incident raises alarms about the security measures in place at cryptocurrency firms and the effectiveness of their employee training against social engineering tactics. Current investigations are likely ongoing to assess the full impact and to identify any additional vulnerabilities. Key Points: • North Korean hackers executed a social engineering attack on Drift Protocol, causing $285 million in losses. • The hackers had months of offline contact with Drift employees prior to the attack. • In 2026, North Korean hackers accounted for 76% of all cryptocurrency hacking losses.

Key Entities

• Phishing (attack_type)
• Drift Protocol (company)
• T1566 - Phishing (mitre_attack)