North Korea Allegedly Drains $285M from Drift

While the world watched the news from the Middle East, a silent and surgical strike was executed on the Solana blockchain.

On April 1, 2026, in a move that was unfortunately not an April Fools' prank, attackers drained approximately $285 million from Drift Protocol, the largest decentralized perpetual futures exchange on Solana. The entire exploit took just 12 minutes.

By the time investigators at TRM Labs and other security firms could hit the sirens on April 2, the funds were already being laundered at a pace that exceeded even the infamous 2025 Bybit exploit.

Early forensic evidence points toward the Lazarus Group, the North Korean-linked hacking collective, adding a layer of international intrigue to this digital catastrophe.

This heist is now officially the largest DeFi hack of 2026 and the second-largest in Solana’s history, trailing only the $326 million Wormhole bridge breach of 2022. The attackers targeted a vulnerability in the protocol's liquidity provisioning logic, allowing them to effectively "withdraw" assets that didn't belong to them at light speed.

For the Solana community, which has spent the last year celebrating its superior throughput and growing institutional adoption, this is a sobering reality check on the trade-offs of high-speed execution. It’s a direct reminder that as our financial systems become more "agentic" and autonomous, the window to catch a thief shrinks from days to minutes.

Disclaimer. The data provided is collected by the author and is not sponsored by any company or token developer. This is not a recommendation to buy or sell cryptocurrency and should not be viewed as an endorsement by Coinidol.com. Readers should do their research before investing in funds.