News Heat Trend
Project Overview
Drift Protocol is a Solana on-chain asset trading center, offer Perps, Prediction Market and so on services.
Drift Protocol Launches Full Rebuild After North Korean Hacker Attack, Enlists Top-Tier Security Team to Accelerate Platform Post-Mortem
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
Bloomberg: AI threats are increasing, with over half of blockchain attacks in 2025 theoretically automatable by AI
in April 2026, two major DeFi attacks on Drift Protocol and Kelp DAO resulted in losses of nearly $600 million, triggering approximately $9 billion in capital outflows from protocols like Aave. TRM Labs investigator Nick Carlsen stated that a hacker group suspected to be linked to North Korea has allegedly used AI to assist in target selection and attack path design. Failsafe CEO Aneirin Flynn said that AI has compressed the time for discovering blockchain vulnerabilities from months to days or even hours. The report noted that Anthropic has not fully opened its AI model Mythos due to cybersecurity risks, claiming the model has the capability to discover large-scale zero-day vulnerabilities. Its research indicates that over half of blockchain attacks in 2025 could theoretically be completed autonomously by AI. (Bloomberg)
Upbit and Bithumb to Delist DRIFT
According to an official announcement, Upbit and Bithumb have stated that member companies of the Korea Digital Asset Exchange Association (DAXA) plan to terminate trading support for DRIFT. The reason for terminating DRIFT trading is that the foundation’s explanatory materials alone are insufficient to alleviate concerns that led to the project’s inclusion on the “Trading Caution List.” Furthermore, after a comprehensive review of all aspects related to the project’s progress, it was determined that the project fails to meet the criteria required to maintain trading support. DRIFT trading (buy/sell) will end on June 1, 2026, at 16:00 KST. Support for DRIFT withdrawals will be terminated on July 1, 2026, at 16:00 KST.
CertiK: Phishing, Deepfakes, and Supply Chain Attacks Could Become the Biggest Crypto Security Threats in 2026
According to Natalie Newson, Senior Blockchain Investigator at CertiK, real-time deepfakes, phishing attacks, supply-chain compromises, and cross-chain vulnerabilities will be the primary drivers of cryptocurrency hacks in 2026. So far this year, the industry has lost over $600 million to hacking incidents—including the $293 million Kelp DAO exploit and the $280 million theft from Drift Protocol in April—both linked to a North Korean hacker group. Newson warns that the accelerated advancement of AI will make attack methods increasingly sophisticated, including more realistic deepfakes, autonomous attack agents, and “agent AIs” capable of automatically scanning smart contracts for vulnerabilities. However, AI can also serve as a defensive tool. CertiK advises investors to verify URL authenticity and store assets in cold wallets to mitigate risk.
Circle Responds to Drift Theft Incident, Calls for Enhanced Accountability and Rule of Law in Open Financial Systems
Circle Chief Strategy Officer Dante Disparte responded to the major security breach affecting Drift Protocol on April 1, which resulted in over $270 million in stolen funds. He stated that open financial systems must be built upon foundations of legal accountability, shared security, and rules that evolve in real time with emerging threats. Circle freezes USDC funds only when legally required—a measure reflecting its compliance obligations and safeguarding users’ assets and privacy rights. He emphasized that openness and accountability must be balanced, and all participants across the ecosystem—including protocols, wallets, infrastructure providers, exchanges, and stablecoin issuers—must jointly shoulder responsibility for security and accountability. Circle is collaborating with U.S. and international policymakers to advance stablecoin legislation, including the GENIUS Act, to establish a more modern legal framework enabling lawful, rapid intervention against illicit activities while protecting property rights and privacy—ensuring the continued resilience and robust growth of open financial systems.
U.S. law firm launches class-action litigation investigation into Drift Protocol hack, targeting Circle
U.S. law firm Gibbs Mura has launched a class-action litigation investigation into the April 1, 2026, hack of Drift Protocol, reviewing potential investor claims against Circle Internet Financial. The attack resulted in the theft of approximately $280–285 million in assets. The attacker subsequently used Circle’s Cross-Chain Transfer Protocol (CCTP) to bridge over $230 million worth of USDC to Ethereum—Circle took no action to freeze the funds throughout the incident. Notably, just nine days prior, Circle had voluntarily frozen 16 business wallets in a separate civil dispute. Blockchain analytics firm Elliptic suspects the attack was carried out by a North Korea–backed hacking group. As a result of the breach, Drift Protocol’s total value locked (TVL) plummeted from $550 million to below $250 million, the DRIFT token price dropped more than 40%, and at least 20 DeFi protocols suffered indirect losses.
Drift Protocol Launches Full Rebuild After North Korean Hacker Attack, Enlists Top-Tier Security Team to Accelerate Platform Post-Mortem
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
The crypto industry suffered $68.3 million in security losses in May, a nearly 90% decrease month-on-month
data from blockchain security firm CertiK shows total losses in the crypto sector from hacks, vulnerabilities, and scams in May 2026 were approximately $68.3 million. This represents a nearly 90% decline from the over $650 million in losses recorded in April, making it the third month this year where losses fell below $100 million. Phishing attacks accounted for about $2.6 million of the losses.In April, industry losses surged due to two major attacks on Drift Protocol and KelpDAO, which together accounted for approximately 95% of the month's losses, making April one of the most devastating months for losses in recent years.The institution reminds that while large-scale protocol-level attacks have decreased, risks such as phishing, deepfakes, and credential leaks are on the rise, with the focus of attacks increasingly shifting towards personnel and identity systems. The decline in losses this time is merely due to the absence of major security incidents; the overall security risks in the industry have not been fundamentally eliminated. Cross-chain bridge vulnerabilities and insider threats remain primary risks. (Financefeeds)
Drift Protocol: Insurance Fund Unaffected by Attack; Users Can Withdraw Staked Shares After Recovery
Drift Protocol stated on X platform that after the protocol resumes operation, users who have staked in the Insurance Fund will be able to withdraw their corresponding shares normally. The Insurance Fund is designed to maintain the protocol's solvency during liquidation or bankruptcy scenarios. Since the protocol was paused before losses were realized through normal liquidation or bankruptcy processes, the Insurance Fund was not affected by the relevant vulnerability or attack.Drift Protocol added that the protocol's own Insurance Fund assets will be used to support system restart and user recovery, and it plans to disclose the relevant on-chain addresses to allow the community to track fund usage and subsequent deployment.
Bloomberg: AI threats are increasing, with over half of blockchain attacks in 2025 theoretically automatable by AI
in April 2026, two major DeFi attacks on Drift Protocol and Kelp DAO resulted in losses of nearly $600 million, triggering approximately $9 billion in capital outflows from protocols like Aave. TRM Labs investigator Nick Carlsen stated that a hacker group suspected to be linked to North Korea has allegedly used AI to assist in target selection and attack path design. Failsafe CEO Aneirin Flynn said that AI has compressed the time for discovering blockchain vulnerabilities from months to days or even hours. The report noted that Anthropic has not fully opened its AI model Mythos due to cybersecurity risks, claiming the model has the capability to discover large-scale zero-day vulnerabilities. Its research indicates that over half of blockchain attacks in 2025 could theoretically be completed autonomously by AI. (Bloomberg)
Drift Announces User Recovery Plan for the Attack Incident, to Issue Recovery Tokens and Relaunch the Exchange in Q2
According to the official disclosure by Drift Protocol, all affected wallets impacted by the April 1 attack will receive Recovery Tokens—representing their verified losses and proportional claims against the Recovery Pool—where each Recovery Token corresponds to $1 of verified loss. The Recovery Pool’s initial funding is approximately $3.8 million, sourced from converting the protocol’s remaining assets into USDT. It will be further replenished through a portion of quarterly net exchange revenue, partner contributions, and up to $127.5 million in matching deployment from Tether. Once the Recovery Pool exceeds $5 million, users may begin redeeming Recovery Tokens; the redemption price will be calculated as the Recovery Fund’s value divided by the outstanding supply of Recovery Tokens. Drift stated that the Insurance Fund was unaffected by the attack; any release of related funds requires governance proposals and DAO voting. The exchange plans to relaunch in Q2 2026, focusing primarily on perpetual contracts and a select set of markets. Additionally, it will replace its programs and addresses, rotate keys, reconstruct its community multisig, remove durable nonces and the Earn product, and implement operational security upgrades.
Drift Releases $295 Million Security Incident User Recovery Plan
According to Odaily, Drift Protocol has released a user recovery plan for the approximately $295 million security vulnerability incident on April 1, which was attributed to a North Korean-backed hacker group. Under the plan, Drift will issue receipt tokens representing users' verified losses, with each token corresponding to $1 in losses, allowing holders to gradually redeem based on the recovery pool's funding size.Currently, the recovery pool has initial funding of approximately $3.8 million. Subsequent funding sources include up to $127.5 million from exchange revenue, Tether-backed funds, and up to $20 million from partner contributions, aiming to cover total losses of approximately $295.4 million. Drift has frozen approximately $3.36 million in USDC and has established a public bounty program offering 10% of recovered assets. It is expected to relaunch the exchange in a "security-first" model during the second quarter. (CoinDesk)
Drift Protocol Launches Full Rebuild After North Korean Hacker Attack, Enlists Top-Tier Security Team to Accelerate Platform Post-Mortem
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
The crypto industry suffered $68.3 million in security losses in May, a nearly 90% decrease month-on-month
data from blockchain security firm CertiK shows total losses in the crypto sector from hacks, vulnerabilities, and scams in May 2026 were approximately $68.3 million. This represents a nearly 90% decline from the over $650 million in losses recorded in April, making it the third month this year where losses fell below $100 million. Phishing attacks accounted for about $2.6 million of the losses.In April, industry losses surged due to two major attacks on Drift Protocol and KelpDAO, which together accounted for approximately 95% of the month's losses, making April one of the most devastating months for losses in recent years.The institution reminds that while large-scale protocol-level attacks have decreased, risks such as phishing, deepfakes, and credential leaks are on the rise, with the focus of attacks increasingly shifting towards personnel and identity systems. The decline in losses this time is merely due to the absence of major security incidents; the overall security risks in the industry have not been fundamentally eliminated. Cross-chain bridge vulnerabilities and insider threats remain primary risks. (Financefeeds)
Drift Protocol: Insurance Fund Unaffected by Attack; Users Can Withdraw Staked Shares After Recovery
Drift Protocol stated on X platform that after the protocol resumes operation, users who have staked in the Insurance Fund will be able to withdraw their corresponding shares normally. The Insurance Fund is designed to maintain the protocol's solvency during liquidation or bankruptcy scenarios. Since the protocol was paused before losses were realized through normal liquidation or bankruptcy processes, the Insurance Fund was not affected by the relevant vulnerability or attack.Drift Protocol added that the protocol's own Insurance Fund assets will be used to support system restart and user recovery, and it plans to disclose the relevant on-chain addresses to allow the community to track fund usage and subsequent deployment.
Drift Protocol Clarifies Redemption Mechanism: Early Exit at a Discount, or Wait for Higher Recovery Value
Drift Protocol released an explanation of its redemption mechanism, stating that users may redeem at any time after the redemption window opens. However, early redemptions will be fulfilled at the current pool’s proportional share, resulting in a recovery value lower than the full claim amount. Conversely, holders who delay redemption may receive a higher recovery price as the pool’s size grows. The protocol emphasizes that this mechanism aims to balance liquidity with the distribution of returns to long-term holders.
Drift Announces User Recovery Plan for the Attack Incident, to Issue Recovery Tokens and Relaunch the Exchange in Q2
According to the official disclosure by Drift Protocol, all affected wallets impacted by the April 1 attack will receive Recovery Tokens—representing their verified losses and proportional claims against the Recovery Pool—where each Recovery Token corresponds to $1 of verified loss. The Recovery Pool’s initial funding is approximately $3.8 million, sourced from converting the protocol’s remaining assets into USDT. It will be further replenished through a portion of quarterly net exchange revenue, partner contributions, and up to $127.5 million in matching deployment from Tether. Once the Recovery Pool exceeds $5 million, users may begin redeeming Recovery Tokens; the redemption price will be calculated as the Recovery Fund’s value divided by the outstanding supply of Recovery Tokens. Drift stated that the Insurance Fund was unaffected by the attack; any release of related funds requires governance proposals and DAO voting. The exchange plans to relaunch in Q2 2026, focusing primarily on perpetual contracts and a select set of markets. Additionally, it will replace its programs and addresses, rotate keys, reconstruct its community multisig, remove durable nonces and the Earn product, and implement operational security upgrades.
Drift Releases $295 Million Security Incident User Recovery Plan
According to Odaily, Drift Protocol has released a user recovery plan for the approximately $295 million security vulnerability incident on April 1, which was attributed to a North Korean-backed hacker group. Under the plan, Drift will issue receipt tokens representing users' verified losses, with each token corresponding to $1 in losses, allowing holders to gradually redeem based on the recovery pool's funding size.Currently, the recovery pool has initial funding of approximately $3.8 million. Subsequent funding sources include up to $127.5 million from exchange revenue, Tether-backed funds, and up to $20 million from partner contributions, aiming to cover total losses of approximately $295.4 million. Drift has frozen approximately $3.36 million in USDC and has established a public bounty program offering 10% of recovered assets. It is expected to relaunch the exchange in a "security-first" model during the second quarter. (CoinDesk)
Related news
Drift Protocol Launches Full Rebuild After North Korean Hacker Attack, Enlists Top-Tier Security Team to Accelerate Platform Post-Mortem
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
The crypto industry suffered $68.3 million in security losses in May, a nearly 90% decrease month-on-month
data from blockchain security firm CertiK shows total losses in the crypto sector from hacks, vulnerabilities, and scams in May 2026 were approximately $68.3 million. This represents a nearly 90% decline from the over $650 million in losses recorded in April, making it the third month this year where losses fell below $100 million. Phishing attacks accounted for about $2.6 million of the losses.In April, industry losses surged due to two major attacks on Drift Protocol and KelpDAO, which together accounted for approximately 95% of the month's losses, making April one of the most devastating months for losses in recent years.The institution reminds that while large-scale protocol-level attacks have decreased, risks such as phishing, deepfakes, and credential leaks are on the rise, with the focus of attacks increasingly shifting towards personnel and identity systems. The decline in losses this time is merely due to the absence of major security incidents; the overall security risks in the industry have not been fundamentally eliminated. Cross-chain bridge vulnerabilities and insider threats remain primary risks. (Financefeeds)
Drift Protocol: Insurance Fund Unaffected by Attack; Users Can Withdraw Staked Shares After Recovery
Drift Protocol stated on X platform that after the protocol resumes operation, users who have staked in the Insurance Fund will be able to withdraw their corresponding shares normally. The Insurance Fund is designed to maintain the protocol's solvency during liquidation or bankruptcy scenarios. Since the protocol was paused before losses were realized through normal liquidation or bankruptcy processes, the Insurance Fund was not affected by the relevant vulnerability or attack.Drift Protocol added that the protocol's own Insurance Fund assets will be used to support system restart and user recovery, and it plans to disclose the relevant on-chain addresses to allow the community to track fund usage and subsequent deployment.
Bloomberg: AI threats are increasing, with over half of blockchain attacks in 2025 theoretically automatable by AI
in April 2026, two major DeFi attacks on Drift Protocol and Kelp DAO resulted in losses of nearly $600 million, triggering approximately $9 billion in capital outflows from protocols like Aave. TRM Labs investigator Nick Carlsen stated that a hacker group suspected to be linked to North Korea has allegedly used AI to assist in target selection and attack path design. Failsafe CEO Aneirin Flynn said that AI has compressed the time for discovering blockchain vulnerabilities from months to days or even hours. The report noted that Anthropic has not fully opened its AI model Mythos due to cybersecurity risks, claiming the model has the capability to discover large-scale zero-day vulnerabilities. Its research indicates that over half of blockchain attacks in 2025 could theoretically be completed autonomously by AI. (Bloomberg)
Drift Protocol Clarifies Redemption Mechanism: Early Exit at a Discount, or Wait for Higher Recovery Value
Drift Protocol released an explanation of its redemption mechanism, stating that users may redeem at any time after the redemption window opens. However, early redemptions will be fulfilled at the current pool’s proportional share, resulting in a recovery value lower than the full claim amount. Conversely, holders who delay redemption may receive a higher recovery price as the pool’s size grows. The protocol emphasizes that this mechanism aims to balance liquidity with the distribution of returns to long-term holders.
Drift Announces User Recovery Plan for the Attack Incident, to Issue Recovery Tokens and Relaunch the Exchange in Q2
According to the official disclosure by Drift Protocol, all affected wallets impacted by the April 1 attack will receive Recovery Tokens—representing their verified losses and proportional claims against the Recovery Pool—where each Recovery Token corresponds to $1 of verified loss. The Recovery Pool’s initial funding is approximately $3.8 million, sourced from converting the protocol’s remaining assets into USDT. It will be further replenished through a portion of quarterly net exchange revenue, partner contributions, and up to $127.5 million in matching deployment from Tether. Once the Recovery Pool exceeds $5 million, users may begin redeeming Recovery Tokens; the redemption price will be calculated as the Recovery Fund’s value divided by the outstanding supply of Recovery Tokens. Drift stated that the Insurance Fund was unaffected by the attack; any release of related funds requires governance proposals and DAO voting. The exchange plans to relaunch in Q2 2026, focusing primarily on perpetual contracts and a select set of markets. Additionally, it will replace its programs and addresses, rotate keys, reconstruct its community multisig, remove durable nonces and the Earn product, and implement operational security upgrades.