Crypto's Biggest Security Problem Isn't the Code Anymore
DefiLlama data shows $17 billion stolen across 518 incidents in a decade, and more than half of the losses came from stolen keys or phished humans. The…
Drift Protocol is a Solana-based perpetuals DEX that became the center of one of the largest exploits in DeFi history when a $285M attack drained the protocol in April 2026, and the post-mortem traced the breach back to North Korean operatives who had been embedded in DeFi development teams since 2020. The coverage here tracks the full incident and what came after: the $285M exploit and the on-chain trail across mixers and bridges, Circle’s response on USDC freezes and the class action lawsuit that followed over freeze failures, Tether’s $127.5M commitment to the recovery effort, the North Korean IT worker investigation that exposed how deep state-sponsored infiltration of DeFi protocols actually runs, and the Solana ecosystem response from major protocols and validators. Drift continues to operate, and the technical questions are not the most interesting part of the story anymore. The interesting part is what the case revealed about who actually builds DeFi protocols, how due diligence on contributors actually works, and how stablecoin issuers respond when stolen funds move across chains faster than legal compulsion can travel. Coinliva covers the recovery effort, the legal proceedings, the regulatory response, and the broader implications for every protocol relying on anonymous or pseudonymous contributors.
DefiLlama data shows $17 billion stolen across 518 incidents in a decade, and more than half of the losses came from stolen keys or phished humans. The…
A pre-signed transaction feature designed for convenience became the entry point for the largest DeFi hack of 2026. Elliptic has flagged North Korean state actors. Circle faces fresh scrutiny.
North Korean group UNC4736 stole $270 million from Drift Protocol on April 1, converting part of it into USDC via Circle's own bridge. Circle's formal response clarifies when and why it can freeze assets — and calls for legislative action.
Investors allege Circle let $230 million in stolen USDC cross from Solana to Ethereum without intervention. The lawsuit lands as Tether steps in with a $127.5 million recovery package.
The $150 million recovery plan will fund user reimbursements as Drift relaunches with USDt as its settlement asset. Circle faced heavy criticism for not freezing $232 million in USDC that the North Korea-linked attacker moved through its own bridge.