Drift Protocol was hit by a $270 million breach on April 1 after a roughly six‑month infiltration by a North Korean state‑sponsored hacking group. The incident heightens concerns about DeFi security, fund recovery, and possible sanctions evasion.
Solana co-founder Anatoly Yakovenko called the recent Drift Protocol exploit "terrifying" after reports tied the incident to a sophisticated social engineering operation attributed to North Korean actors. The breach underscores growing state-linked threats to decentralized finance.
Circle declined requests to freeze about $285 million in USDC stolen from the Drift protocol. The decision has drawn criticism and renewed debate about recoverability and accountability in DeFi.
Ledger CTO Charles Guillemet called for improved security after the Drift Protocol exploit on Solana, which he described as the largest hack of 2026 so far. The incident highlights persistent systemic risk for DeFi on SOL.
A U.S. indictment charges a suspected hacker in connection with a $53 million exploit of Uranium Finance (URF), alleging fraud and money laundering that could carry a combined maximum sentence of up to 30 years. The case underscores renewed U.S. enforcement focus on high-value DeFi breaches.
Step Finance and SolanaFloor announced they are ceasing operations effective immediately following a late‑January treasury hack that impacted Step Finance. The closures represent a significant setback for early projects in the Solana ecosystem.
Step Finance disclosed a $27 million treasury breach on Jan. 31, 2026 that sent its governance token STEP down more than 80%, with Solana-linked assets also pressured amid a wider market sell-off.
Trust Wallet says it will reimburse a subset of users affected by a security breach tied to its Chrome extension that saw roughly $7 million drained. The company has faced criticism for downplaying the incident and offering limited compensation.
Turkish crypto exchange BtcTurk disclosed a security breach on Jan. 5, 2026, saying attackers siphoned roughly $48 million from its hot wallets across several blockchains. The incident underscores ongoing hot-wallet risks for exchanges and users.
Crypto losses fell to $76 million in December, down 60% from November, but the month still featured major incidents — including a $50 million address‑poisoning scam and the fallout from Bybit’s $1.4 billion hack. The events underscore persistent concentration and custody risks in crypto markets.