Drift Protocol Launches Full Rebuild After North Korean Hacker Attack, Enlists Top-Tier Security Team to Accelerate Platform Post-Mortem

According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.