Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Summary
Solana-based decentralized exchange Drift reported a loss of approximately $285 million due to a security incident on April 1, 2026. Attackers exploited a novel method involving durable nonces to gain unauthorized access and seize administrative control of Drift's Security Council. The attack is reportedly linked to North Korea (DPRK).
IFF Assessment
This is bad news for defenders as it highlights a successful, novel attack method that resulted in a massive financial loss for a decentralized finance platform, potentially inspiring similar attacks.
Defender Context
This incident demonstrates the evolving sophistication of social engineering attacks, particularly in the DeFi space. Defenders need to be vigilant about novel attack vectors that bypass traditional security controls and focus on robust administrative access controls and anomaly detection. The DPRK linkage suggests state-sponsored or highly organized threat actor involvement, implying advanced capabilities.