$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Summary
A $285 million hack on the decentralized exchange Drift, which occurred on April 1, 2026, has been traced back to a six-month social engineering operation initiated by the Democratic People's Republic of Korea (DPRK) in the fall of 2025. The operation was described as highly targeted and meticulously planned by Drift.
IFF Assessment
This is bad news for defenders as it highlights a sophisticated, long-term social engineering campaign by a state-sponsored actor that successfully exfiltrated a significant amount of funds.
Defender Context
This incident underscores the persistent threat of state-sponsored actors employing elaborate social engineering tactics to compromise financial platforms. Defenders must remain vigilant against protracted phishing and impersonation schemes, especially those targeting key personnel or exploiting trust within organizations.