Drift: The hacker is suspected to be affiliated with a North Korean organization, having spent half a year disguising contacts before finally launching the intrusion.

金色财经_ · 2026-04-05T03:36:04+00:00

Golden Finance reports that Drift released an investigation indicating that the attack originated from the same actor involved in the 2024 Radiant Capital hacking incident, and that the event is linked to the North Korean government. The attack was meticulously planned over six months, with the attacker disguising as a "quantitative trading company" to contact multiple Drift contributors.

金色财经_

2026-04-05 03:36:04

Abstract generation in progress

Golden Finance reports that on April 5, Drift released the latest findings on the attack incident. It indicates that this action was carried out by the same threat actor as the 2024 October Radiant Capital hacking incident, with highly matching on-chain fund flows and operating methods. Mandiant attributes the Radiant Capital hacking incident to UNC4736, an organization associated with the North Korean government. In addition, this attack was the result of carefully planned operations over a six-month period. Starting in the fall of 2025, a group posing as “quant trading firms” proactively contacted Drift contributors at multiple international crypto conferences.

DRIFT32,97%

RDNT11,63%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.