Close Menu
  • Home
  • Cybercrime and Ransomware
  • Emerging Tech
  • Threat Intelligence
  • Expert Insights
  • Careers and Learning
  • Compliance

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Researchers Uncover Exploitation of Critical Oracle Vulnerability

July 1, 2026

AI-driven cyber attacks pose rising, underprepared threat.

July 1, 2026

Adobe ColdFusion and Campaign Classic patch critical vulnerabilities exploited.

July 1, 2026
Facebook X (Twitter) Instagram
The CISO Brief
  • Home
  • Cybercrime and Ransomware
  • Emerging Tech
  • Threat Intelligence
  • Expert Insights
  • Careers and Learning
  • Compliance
Home » Drift Loses $285M in Major Nonce Social Engineering Attack Tied to DPRK
Uncategorized

Drift Loses $285M in Major Nonce Social Engineering Attack Tied to DPRK

Staff WriterBy Staff WriterApril 3, 2026No Comments2 Mins Read5 Views
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest WhatsApp Email

Top Highlights

  1. Drift, a Solana-based decentralized exchange, lost approximately $285 million in a sophisticated attack involving social engineering and multi-week planning without exploiting smart contract vulnerabilities.
  2. The breach was executed within 10 seconds by draining major vaults after obtaining multisig approvals and controlling protocol-level permissions.
  3. Evidence suggests North Korean state-linked actors (DPRK) are behind the attack, aligning with their ongoing, well-resourced crypto theft campaign that has stolen over $6.5 billion since early 2023.
  4. The incident highlights escalating threats from DPRK hacking groups, which now employ advanced social engineering and AI tools, targeting not just exchanges but all crypto infrastructure, with recent supply chain attacks linked to these actors.

Drift’s Security Breach Results in Massive Loss

Recently, the decentralized exchange Drift lost around $285 million in a security attack. The breach happened on April 1, 2026, and was carried out using a sophisticated social engineering tactic involving durable nonces. Attackers quickly gained control over Drift’s administrative powers and executed the theft within minutes. This incident did not exploit flaws in Drift’s smart contracts, but instead, it misused transaction approvals to take over the platform. The company states the breach involved staged preparations that lasted for weeks. As a result, the thieves introduced a fake asset and removed withdrawal limits, enabling them to steal funds efficiently. It highlights the increasing danger posed by targeted social engineering in the crypto world.

Link to North Korea and Wider Implications

Security analysts suggest North Korean hackers may be behind this attack. Investigations identify patterns similar to previous crimes linked to DPRK-assisted groups. These groups often use techniques like mixing stolen funds through services such as Tornado Cash and cross-chain bridges. Moreover, they operate with high speed, draining assets almost instantly. Reports indicate that North Korea’s cyber theft operations have stolen over $6.5 billion in recent years, funding their weapons programs. This latest attack emphasizes how social engineering and technical manipulation are growing threats in cryptocurrency sectors. It also underscores the ongoing need for enhanced security measures and vigilant oversight across the entire human and technological journey toward digital autonomy.

Discover More Technology Insights

Stay informed on the revolutionary breakthroughs in Quantum Computing research.

Access comprehensive resources on technology by visiting Wikipedia.

DataProtection-V1

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous Article14,000+ F5 BIG-IP APM Devices at Risk from Active RCE Exploits
Next Article Boost Your Business Resilience: 7 Essential Backup & Recovery Strategies
Avatar photo
Staff Writer
  • Website

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Related Posts

Salesforce Disables Klue App After Data Breach from Token Abuse

June 19, 2026

Stay Safe: Top Tech Tip to Avoid World Cup Ticket Scams Online

June 18, 2026

SoftBank & OpenAI Unite to Defend Japan from Cyberattacks

June 16, 2026

Comments are closed.

Latest Posts

Researchers Uncover Exploitation of Critical Oracle Vulnerability

July 1, 2026

Fluentd Vulnerabilities Enable Remote Code Execution

July 1, 2026

Weaponizing Windows Drivers to Bypass Antivirus and EDR

July 1, 2026

Mastering Detection Engineering: A Programmatic Approach to Cyber Threats

July 1, 2026
Don't Miss

Salesforce Disables Klue App After Data Breach from Token Abuse

By Staff WriterJune 19, 2026

Quick Takeaways Salesforce disabled Klue Battlecards app integration after detecting unauthorized activity linked to a…

Stay Safe: Top Tech Tip to Avoid World Cup Ticket Scams Online

June 18, 2026

SoftBank & OpenAI Unite to Defend Japan from Cyberattacks

June 16, 2026

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

Recent Posts

  • Researchers Uncover Exploitation of Critical Oracle Vulnerability
  • AI-driven cyber attacks pose rising, underprepared threat.
  • Adobe ColdFusion and Campaign Classic patch critical vulnerabilities exploited.
  • Kemp LoadMaster Pre-Auth RCE Under Active Exploitation
  • Fluentd Vulnerabilities Enable Remote Code Execution
About Us
About Us

Welcome to The CISO Brief, your trusted source for the latest news, expert insights, and developments in the cybersecurity world.

In today’s rapidly evolving digital landscape, staying informed about cyber threats, innovations, and industry trends is critical for professionals and organizations alike. At The CISO Brief, we are committed to providing timely, accurate, and insightful content that helps security leaders navigate the complexities of cybersecurity.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Researchers Uncover Exploitation of Critical Oracle Vulnerability

July 1, 2026

AI-driven cyber attacks pose rising, underprepared threat.

July 1, 2026

Adobe ColdFusion and Campaign Classic patch critical vulnerabilities exploited.

July 1, 2026
Most Popular

Protecting MCP Security: Defeating Prompt Injection & Tool Poisoning

January 30, 202633 Views

Unlock the Power of Free WormGPT: Harnessing DeepSeek, Gemini, and Kimi-K2 AI Models

November 27, 202530 Views

The New Face of DDoS is Impacted by AI

August 4, 202528 Views

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025

Categories

  • Compliance
  • Cyber Updates
  • Cybercrime and Ransomware
  • Editor's pick
  • Emerging Tech
  • Events
  • Featured
  • Insights
  • Most Read
  • Threat Intelligence
  • Uncategorized
© 2026 thecisobrief. Designed by thecisobrief.
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions

Type above and press Enter to search. Press Esc to cancel.