Attackers drained $285 million from Drift Protocol, Solana's largest perpetual futures exchange, on April 1, 2026. TRM Labs estimates the drain took roughly 12 minutes. The exploit targeted governance, not smart contract code. TRM Labs assessed the hack was "likely perpetrated by North Korean hackers" based on on-chain staging patterns. Elliptic independently assessed the behaviour as consistent with previous DPRK-backed operations. A malicious actor gained unauthorized access to Drift Protocol ...