The post Drift links $280M hack to radiant attackers appeared on BitcoinEthereumNews.com.

Drift Protocol said the April 1 attack on its platform followed months of planning and social engineering.  Summary Drift said attackers spent six months building trust before using malicious tools to breach contributor devices. The exchange linked the exploit with medium-high confidence to actors behind Radiant Capital’s October 2024 hack. Drift said repeated in-person contact at crypto events helped attackers study contributors and gain access. The decentralized exchange linked the case to a group that spent time building trust with contributors before sending malicious tools and links. External estimates put the loss at about $280 million. Drift Protocol said its early review found a long and organized campaign against the platform. The team said the attackers showed “organizational backing, resources, and months of deliberate preparation” during the operation. The exchange said the contact began around October 2025. According to Drift, people posing as members of a quantitative trading firm approached contributors at a major crypto conference and claimed they wanted to integrate with the protocol. Drift said the group kept meeting contributors at several industry events over the next six months. The team said the people involved were technically skilled, knew how Drift worked, and appeared to have real professional backgrounds. That steady contact helped the group gain trust. Drift said the attackers later used malicious links and tools shared with contributors to compromise devices, carry out the exploit, and remove traces of their activity after the breach. In addition, Drift said it has “medium-high confidence” that the same actors behind the October 2024 Radiant Capital hack carried out this exploit. That earlier attack caused losses of about $58 million and also involved malware used to gain access to internal systems. Radiant Capital said in December 2024 that a North Korea-aligned hacker posed as a former contractor and sent malware…

---

Filed under: News - @ April 5, 2026 11:23 am