Elliptic: Drift attack incident suspected to be carried out by North Korean hacker group

ME News message: On April 2 (UTC+8), blockchain analytics firm Elliptic said that the Drift Protocol attack resulted in losses of $285 million, and that “multiple signs” point to a DPRK hacking organization supported by North Korea. Elliptic focused on analyzing on-chain activity, money-laundering methods, and network-level signals, all of which matched previously reported attacks linked to the state. The Elliptic report said: “If confirmed, this would be the 18th DPRK attack operation Elliptic has tracked this year, with more than $300 million stolen to date.” At the technical level, Elliptic described the attack as “premeditated and meticulously planned,” with early test transactions and pre-deployed wallets in place before the main attack. After the attack was carried out, the funds were quickly consolidated and transferred across chains, converted into more liquid assets, forming an organized, repeatable money-laundering process designed to obscure the source of the funds while maintaining control. The incident involved more than 10 types of assets, with funds transferred from Solana across chains to Ethereum and other chains, further highlighting the importance of cross-chain traceability. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, and its token has fallen by more than 40% to approximately $0.06 since the hack. (Source: ChainCatcher)