North Korean Hackers Execute $285 Million Heist on DeFi Platform Drift
A cyberattack attributed to North Korean hackers resulted in the theft of $285 million from the decentralized finance (DeFi) platform Drift. The attack was planned in advance: the hackers set up infrastructure eight days prior, used durable nonce accounts to pre-sign transactions, and compromised multisig signers’ approvals. The attackers used a durable nonce to create a transaction on the Solana blockchain, pre-signing every transaction to ensure rapid execution. They gained control of a Drift admin key, which allowed them to modify protocol settings, and created a fake collateral market to facilitate the heist. After gaining admin control, they drained funds from five vaults within seconds. Drift is collaborating with security firms, exchanges, and law enforcement to trace and freeze the stolen assets.
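For multisig signers and monitoring teams, a durable-nonce transaction can be recognized before it is approved: its first instruction is the System Program's AdvanceNonceAccount, and a signature over it stays valid until that nonce is advanced. The check below is an added example, not code from Drift or from the original article. It assumes the `transaction.message` layout returned by Solana's `getTransaction` RPC with `json` encoding, and every account key in the samples is a constructed placeholder.

```python
"""Flag Solana messages that use a durable nonce instead of a recent blockhash."""
SYSTEM_PROGRAM = "11111111111111111111111111111111"
ADVANCE_NONCE = 4  # SystemInstruction::AdvanceNonceAccount discriminant (u32, little-endian)
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58decode(s):
    """Decode base58 text (the encoding used for instruction data) to bytes."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return b"\x00" * (len(s) - len(s.lstrip("1"))) + body

def durable_nonce_info(message):
    """Return the nonce account and authority if `message` is a durable-nonce
    transaction, else None. Only the first instruction counts: a nonce advance
    placed later in the list does not make the transaction a durable-nonce one."""
    instructions = message.get("instructions", [])
    if not instructions:
        return None
    first, keys = instructions[0], message["accountKeys"]
    if keys[first["programIdIndex"]] != SYSTEM_PROGRAM:
        return None
    data = b58decode(first["data"])
    if len(data) < 4 or int.from_bytes(data[:4], "little") != ADVANCE_NONCE:
        return None
    accounts = first["accounts"]  # [nonce account, RecentBlockhashes sysvar, authority]
    if len(accounts) < 3:
        return None
    return {"nonce_account": keys[accounts[0]],
            "nonce_authority": keys[accounts[2]],
            "nonce_value": message["recentBlockhash"]}  # field holds the stored nonce

# Constructed samples; keys are placeholders, not real addresses.
KEYS = ["Authority_CONSTRUCTED", "NonceAccount_CONSTRUCTED",
        "RecentBlockhashesSysvar_CONSTRUCTED", SYSTEM_PROGRAM, "OtherProgram_CONSTRUCTED"]
ADVANCE_IX = {"programIdIndex": 3, "accounts": [1, 2, 0], "data": "6vx8P"}
NONCE_TX = {"accountKeys": KEYS, "recentBlockhash": "NonceValue_CONSTRUCTED",
            "instructions": [ADVANCE_IX, {"programIdIndex": 4, "accounts": [0], "data": "1"}]}
NORMAL_TX = {"accountKeys": KEYS, "recentBlockhash": "Blockhash_CONSTRUCTED",
             "instructions": [{"programIdIndex": 4, "accounts": [0], "data": "1"}, ADVANCE_IX]}

if __name__ == "__main__":
    for name, tx in (("NONCE_TX", NONCE_TX), ("NORMAL_TX", NORMAL_TX)):
        print(name, durable_nonce_info(tx) or "recent blockhash (expires)")
```

A signing policy can treat a non-None result as requiring extra review, since the approval being requested will not expire on its own.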