"The incident, Drift said, was a 'highly sophisticated operation' involving 'the use of durable nonce accounts to pre-sign transactions that delayed execution' and the compromise of multisig signers' approvals."
"According to blockchain security company Elliptic, the attack was likely mounted by a North Korean threat actor and resulted in the theft of $286 million from Drift."
"The attack was executed with extreme precision: the hackers set up supporting infrastructure roughly eight days before, prepared multiple nonce-based transactions, gained admin control, drained funds from five vaults within seconds, and immediately started laundering them through multiple wallets."
A $285 million theft from the Drift decentralized finance platform is attributed to a North Korean threat actor. The operation was highly sophisticated, involving durable nonce accounts and compromised multisig approvals. Drift is collaborating with security firms and law enforcement to trace the stolen assets. The attack was meticulously planned, with infrastructure set up eight days prior, allowing hackers to drain funds from multiple vaults rapidly. The attackers gained admin control and executed transactions on the Solana blockchain with pre-signed approvals.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]