Drift Protocol has released an update on the investigation into the April 1 attack, suggesting it was a long-term infiltration operation lasting approximately six months with organized backing. Initial findings indicate that attackers, posing as a quantitative trading firm, began engaging with Drift team members at international crypto conferences starting in fall 2025. They reportedly used code repository links and TestFlight applications to infiltrate devices. In response, Drift has frozen remaining protocol functions and removed compromised multi-signature wallets, and is collaborating with Mandiant and SEAL 911 for forensic analysis. The project team assesses with medium-to-high confidence that the operation may be linked to North Korean hacker groups involved in the 2024 Radiant Capital theft.