Key Findings Drift Protocol lost $285 million in a sophisticated attack attributed to North Korean-linked hackers on April 1, 2026 Attackers used durable nonce accounts to pre-sign transactions and compromised multisig approvals to gain admin control The operation involved multi-week preparation with staged execution across multiple phases Stolen funds were rapidly drained from multiple vaults within seconds and laundered across wallets This marks the 18th confirmed North Kor
