Drift Protocol Outlines Recovery Plan After $295M North Korean-Linked Hack

yesterday / 20:58 4 sources negative

Key takeaways:

  • Systematic DPRK exploits highlight escalating state-level threats to DeFi, likely accelerating security upgrades and regulatory scrutiny.
  • Drift's recovery token may trade below face value, offering speculative opportunity if recovery pool fills.
  • Protocol-led recovery efforts mirror Aave's Kelp DAO coordination, signaling a maturing, collaborative DeFi risk culture.
DRIFT DRIFT

Drift Protocol announced on Tuesday a detailed recovery framework for users affected by a $295 million exploit that occurred on April 1 and has been attributed to the North Korean state-backed DPRK hacking group, identified by forensic firm Mandiant.

The attack forced the protocol to immediately halt all trading and borrowing activities. According to Drift, the majority of the stolen assets remain traceable and contained, with approximately 130,259 ETH (roughly $31 million) concentrated across four monitored wallets. A total of about $295.4 million in losses was identified.

The core of the recovery plan is the issuance of a recovery token, with each token representing $1 of verified user loss. These tokens will be redeemable at a future date when a dedicated recovery pool reaches sufficient value. The pool currently holds about $3.8 million in remaining protocol assets and is expected to grow through exchange-generated revenue, up to $127.5 million in performance-linked support from Tether, and up to $20 million from partner contributions. Once the pool equals the total loss amount, recovery tokens can be redeemed at full value.

Some funds have already been frozen, including approximately $3.36 million in USDC, while other assets remain delayed in cross-chain transfers. Drift is also pursuing legal avenues to seize and reissue assets and has launched a public bounty offering 10% of any recovered funds. Final decisions on the recovery plan will be subject to governance votes, the team noted.

To prevent future incidents, Drift plans to relaunch in the second quarter as a “security-first” exchange, implementing new multisig controls, time-locked operations, regular key rotation, and a reduced product scope focused exclusively on perpetuals trading.

The announcement comes one week after Aave revealed it is coordinating a DeFi-wide recovery effort for Kelp DAO, which suffered a nearly $280 million exploit also attributed to North Korean hackers. In that case, Aave has mobilized donations, deposits, and credit lines from across the crypto space.

DRIFT DRIFT Drift
Following a $295M hack, Drift halted operations and announced a recovery token plan. Sentiment negative, likely further short-term declines, but long-term recovery hinges on pool success and relaunch.
Sources
Drift outlines a recovery plan for users after $295 million DPRK-linked exploit
CoinDesk 05.05.2026 18:57
Drift announces $295 million ETH hack recovery plan
COINTURK NEWS 05.05.2026 20:45
How Solana Exchange Drift Plans to Repay Users After $295 Million Crypto Hack
Decrypt 05.05.2026 21:25
Top Today
yesterday / 21:37 6 sources
Kelp DAO Accuses LayerZero of Approving Flawed Setup that Led to $292M Exploit, Migrates to Chainlink
RSETH RSETH
LINK LINK $9.81 +3.87%
yesterday / 20:27 5 sources
Solana and Google Cloud Unveil Pay.sh, a Stablecoin Payment Gateway for AI Agents
SOL SOL $86.79 +2.60%
yesterday / 19:14 6 sources
Ripple CEO Brad Garlinghouse Rejects ‘XRP Maximalist’ Tag, Pushes for Swift Senate Action on Crypto Bill
XRP XRP $1.42 +1.28%
yesterday / 18:07 8 sources
Kraken Partners with MoneyGram to Offer Global Crypto-to-Cash Off-Ramp
yesterday / 17:25 20 sources
Bitcoin Breaks $80,000 as Iran Peace Proposal and $630M ETF Inflows Fuel Bullish Momentum
BTC BTC $81301.30 +1.06%
ETH ETH $2371.25 +0.09%
yesterday / 15:23 7 sources
Galaxy and State Street Unveil Solana-Based Tokenized Cash Fund SWEEP
SOL SOL $86.79 +2.60%
PYUSD PYUSD $1.00 +0.01%
yesterday / 14:42 5 sources
US Banks Warn CLARITY Act Stablecoin Yield Restrictions Still Fall Short
Disclaimer

The content on this website is provided for information purposes only and does not constitute investment advice, an offer, or professional consultation. Crypto assets are high-risk and volatile — you may lose all funds. Some materials may include summaries and links to third-party sources; we are not responsible for their content or accuracy. Any decisions you make are at your own risk. Coinalertnews recommends independently verifying information and consulting with a professional before making any financial decisions based on this content.