بعد اختراق Drift بقيمة 285 مليون دولار، يُظهر ذعر Stabble أن الخطر الأمني التالي للعملات المشفرة قد يكون موجودًا بالفعل
Burns Brief
يشير استغلال Drift والتحذير الاحترازي من Stabble إلى مشكلة أمان تشفير صعبة: قد يبدأ الاختراق الرئيسي التالي قبل فترة طويلة من تحرك الأموال على السلسلة. وقد أثارت الأخبار قلق المشاركين في السوق، حيث يتطلع المضاربون على الانخفاض إلى دفع الأسعار إلى الانخفاض بينما يحاول المضاربون على الصعود الدفاع عن مستويات الدعم الرئيسية. راقب تأكيد حجم التداول - الاختراق فوق متوسط الحجم سيشير إلى أن الاتجاه من المرجح أن يستمر.
The Drift exploit and Stabble’s precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. That is what makes these incidents more than isolated alarms. They suggest that some protocols may still be looking for smart contract flaws, while the real exposure lies in hiring, access, governance, and trusted relationships. On Apr. 1, Drift suspended deposits and withdrawals and told users it was under an active attack. By Apr. 5, the team said with medium-high confidence that the same threat actors behind the October 2024 Radiant Capital hack had executed the operation. TRM Labs estimated the drain at approximately $285 million, and the Drift post-mortem described a complex scheme in which individuals used $1 million of their own capital and met in person with Drift team members to infiltrate the protocol's structure. On the technical side, TRM identified the critical weakness as social engineering of multisig signers combined with a zero-timelock Security Council migration. This governance design enabled attackers to execute privileged actions without the delays intended to catch unauthorized changes. Why this matters This shifts the risk from code alone to the people and permissions around it. For users and markets, that means a protocol can appear operational until a hidden access failure triggers a live funds event, forced withdrawals, or a sudden loss of trust. Elliptic said the laundering patterns and network indicators matched those of prior DPRK-attributed operations and pointed to a probable compromise of administrator keys that enabled privileged withdrawals and administrative control. Related Reading Hackers sneak crypto wallet-stealing code into a popular AI tool that runs every time Compromised LiteLLM versions 1.82.7 and 1.82.8 stole SSH keys, cloud creds, Kubernetes secrets, env vars, and crypto wallet material. Mar 26, 2026 · Gino Matos Attackers earned enough trust to convert ordin
Key Takeaways
- The Drift exploit and Stabble’s precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain
- That is what makes these incidents more than isolated alarms
- They suggest that some protocols may still be looking for smart contract flaws, while the real exposure lies in hiring, access, governance, and trusted relationships
- 1, Drift suspended deposits and withdrawals and told users it was under an active attack
- 5, the team said with medium-high confidence that the same threat actors behind the October 2024 Radiant Capital hack had executed the operation