Drift Protocol

Drift Protocol is a Solana-based perpetuals DEX that became the center of one of the largest exploits in DeFi history when a $285M attack drained the protocol in April 2026, and the post-mortem traced the breach back to North Korean operatives who had been embedded in DeFi development teams since 2020. The coverage here tracks the full incident and what came after: the $285M exploit and the on-chain trail across mixers and bridges, Circle’s response on USDC freezes and the class action lawsuit that followed over freeze failures, Tether’s $127.5M commitment to the recovery effort, the North Korean IT worker investigation that exposed how deep state-sponsored infiltration of DeFi protocols actually runs, and the Solana ecosystem response from major protocols and validators. Drift continues to operate, and the technical questions are not the most interesting part of the story anymore. The interesting part is what the case revealed about who actually builds DeFi protocols, how due diligence on contributors actually works, and how stablecoin issuers respond when stolen funds move across chains faster than legal compulsion can travel. Coingo covers the recovery effort, the legal proceedings, the regulatory response, and the broader implications for every protocol relying on anonymous or pseudonymous contributors.