Drift $285M exploit ranks among largest crypto hacks since 2023
The $285 million exploit targeting Drift Protocol has officially entered the top four largest crypto hacks of the past three years. The incident trails only behind breaches involving Bybit ($1.4 billion), DMM Bitcoin ($308 million), and PlayDapp ($290 million).
According to the Chief Technology Officer of Ledger, early indicators suggest the attack may be linked to North Korean threat actors. If confirmed, it would follow a well-established pattern seen in previous high-profile exploits attributed to DPRK-linked groups, including WazirX ($235 million) and Radiant Capital ($53 million).
losses continue to rise year over year
Data shows a steady escalation in the total value of stolen crypto assets:
2023: $1.7 billion
2024: $2.2 billion (+29%)
2025: $2.7 billion (+23%)
2026: already $420 million in Q1
Drift’s $285 million exploit, combined with an additional $137 million drained across 15 DeFi protocols in the first quarter, has pushed total losses in 2026 past $420 million within just three months.
same attack vectors, recurring failures
Notably, the core attack methods remain unchanged. Threat actors continue to exploit well-known vulnerabilities, including:
Private key compromises
Smart contract bugs
Oracle manipulation
Reentrancy attacks
These are longstanding issues with established mitigation strategies, yet they persist—largely due to gaps in operational security, auditing, and risk management practices.
industry faces $3B risk in 2026
At the current pace, total crypto-related losses in 2026 could surpass $3 billion by year-end. While the digital asset industry continues to expand, so too does its attack surface—intensifying the urgency for stronger security standards across protocols, exchanges, and the broader ecosystem.
