North Korean Hackers Attack Drift Protocol In USD 285 Million Heist | TRM Blog

North Korean hackers executed a USD 285 million heist on the Drift Protocol within the Solana blockchain, highlighting the DPRK's ongoing cybercrime efforts.

In a bold and alarming move, North Korean hackers recently struck again, this time targeting the Drift Protocol on the Solana blockchain, resulting in a staggering USD 285 million heist. This robbery marks yet another chapter in the ongoing saga of cybercrime facilitated by the Democratic People’s Republic of Korea (DPRK), a nation that has become infamous for its sophisticated cyber operations.

How Did This Happen?

The specifics of the Drift Protocol breach are still emerging, but it aligns with North Korea’s established modus operandi of exploiting vulnerabilities in crypto platforms. Notably, hackers are known to compromise critical security components like private keys and seed phrases, which are essential for accessing digital wallets. Once these digital assets are hijacked, they are typically transferred to wallet addresses that are under the control of North Korean operatives.

What Does This Mean for the Crypto Community?

The implications of such a breach are far-reaching. With the hackers reportedly diverting stolen funds primarily to USDT (Tether) and Tron before converting them into hard currency via over-the-counter (OTC) brokers, the incident raises serious concerns about the security integrity of DeFi platforms on Solana and beyond.

Could North Korea’s Attacks Signal Further Risks?

According to research from TRM Labs, North Korea was responsible for around 30% of all funds stolen in crypto attacks last year, totaling approximately USD 600 million. While this figure was a decrease from the USD 850 million taken in 2022, the severity of the attacks remains notable, with DPRK hacks averaging ten times as destructive as those attributed to other threat actors.

What Are the Broader Implications for Security?

Cybersecurity firms and exchanges must remain vigilant. The DPRK has continued to evolve its methods, particularly in money laundering. Recent sanctions on known mixers like Tornado Cash and ChipMixer have forced them to adapt by seeking alternative ro