$285M looted! The biggest crypto security incident of 2026 is born

On April 1st, Solana DeFi giant Drift Protocol experienced a rare attack. $155 million worth of JLP, $51.6 million USDC, and assets valued at $78 million in SOL, BTC, and other tokens were transferred out, affecting nearly 20 vaults, with user deposits and lending fully impacted.
The most outrageous part is the method of the attack:
No code vulnerability, no private key leak! North Korean hacker group UNC4736 lurked for half a year, disguising as a quantitative trading firm, contacting employees offline to implant malware, and fraudulently obtaining more than two-fifths of multisig signatures. They used durable nonce pre-signed malicious transactions to instantly seize admin rights.
How much can insurance cover?
Only 6%! The $17 million insurance fund is intact, but it was originally designed to cover small bad debts and is not suitable for extreme scenarios where the vault is completely drained.
Official statement:
Drift has committed to 100% full compensation! 6% covered by insurance, the remaining 94% will be covered by the team and fundraising. The protocol has been frozen, and Mandiant is fully investigating.
Code can be audited, but “people” will always be the biggest vulnerability in on-chain security. This epic social engineering attack has sounded the alarm for all protocols!