News linked to both this project and an event.
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
in April 2026, two major DeFi attacks on Drift Protocol and Kelp DAO resulted in losses of nearly $600 million, triggering approximately $9 billion in capital outflows from protocols like Aave. TRM Labs investigator Nick Carlsen stated that a hacker group suspected to be linked to North Korea has allegedly used AI to assist in target selection and attack path design. Failsafe CEO Aneirin Flynn said that AI has compressed the time for discovering blockchain vulnerabilities from months to days or even hours. The report noted that Anthropic has not fully opened its AI model Mythos due to cybersecurity risks, claiming the model has the capability to discover large-scale zero-day vulnerabilities. Its research indicates that over half of blockchain attacks in 2025 could theoretically be completed autonomously by AI. (Bloomberg)
According to an official announcement, Upbit and Bithumb have stated that member companies of the Korea Digital Asset Exchange Association (DAXA) plan to terminate trading support for DRIFT. The reason for terminating DRIFT trading is that the foundation’s explanatory materials alone are insufficient to alleviate concerns that led to the project’s inclusion on the “Trading Caution List.” Furthermore, after a comprehensive review of all aspects related to the project’s progress, it was determined that the project fails to meet the criteria required to maintain trading support. DRIFT trading (buy/sell) will end on June 1, 2026, at 16:00 KST. Support for DRIFT withdrawals will be terminated on July 1, 2026, at 16:00 KST.
According to Natalie Newson, Senior Blockchain Investigator at CertiK, real-time deepfakes, phishing attacks, supply-chain compromises, and cross-chain vulnerabilities will be the primary drivers of cryptocurrency hacks in 2026. So far this year, the industry has lost over $600 million to hacking incidents—including the $293 million Kelp DAO exploit and the $280 million theft from Drift Protocol in April—both linked to a North Korean hacker group. Newson warns that the accelerated advancement of AI will make attack methods increasingly sophisticated, including more realistic deepfakes, autonomous attack agents, and “agent AIs” capable of automatically scanning smart contracts for vulnerabilities. However, AI can also serve as a defensive tool. CertiK advises investors to verify URL authenticity and store assets in cold wallets to mitigate risk.
Circle Chief Strategy Officer Dante Disparte responded to the major security breach affecting Drift Protocol on April 1, which resulted in over $270 million in stolen funds. He stated that open financial systems must be built upon foundations of legal accountability, shared security, and rules that evolve in real time with emerging threats. Circle freezes USDC funds only when legally required—a measure reflecting its compliance obligations and safeguarding users’ assets and privacy rights. He emphasized that openness and accountability must be balanced, and all participants across the ecosystem—including protocols, wallets, infrastructure providers, exchanges, and stablecoin issuers—must jointly shoulder responsibility for security and accountability. Circle is collaborating with U.S. and international policymakers to advance stablecoin legislation, including the GENIUS Act, to establish a more modern legal framework enabling lawful, rapid intervention against illicit activities while protecting property rights and privacy—ensuring the continued resilience and robust growth of open financial systems.
U.S. law firm Gibbs Mura has launched a class-action litigation investigation into the April 1, 2026, hack of Drift Protocol, reviewing potential investor claims against Circle Internet Financial. The attack resulted in the theft of approximately $280–285 million in assets. The attacker subsequently used Circle’s Cross-Chain Transfer Protocol (CCTP) to bridge over $230 million worth of USDC to Ethereum—Circle took no action to freeze the funds throughout the incident. Notably, just nine days prior, Circle had voluntarily frozen 16 business wallets in a separate civil dispute. Blockchain analytics firm Elliptic suspects the attack was carried out by a North Korea–backed hacking group. As a result of the breach, Drift Protocol’s total value locked (TVL) plummeted from $550 million to below $250 million, the DRIFT token price dropped more than 40%, and at least 20 DeFi protocols suffered indirect losses.