Wed, 08 Apr · regulation

After the $285 million Drift hack, the Stabble scare shows that the next security risk for crypto may already be present

Burns Brief

The Drift exploit and Stabble's precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. The news has unsettled market participants, as bears try to push prices lower while bulls try to defend key support levels. Watch for volume confirmation: a breakout on above-average volume would signal that the trend is likely to continue.

The Drift exploit and Stabble’s precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. That is what makes these incidents more than isolated alarms. They suggest that some protocols may still be looking for smart contract flaws, while the real exposure lies in hiring, access, governance, and trusted relationships.

On Apr. 1, Drift suspended deposits and withdrawals and told users it was under an active attack. By Apr. 5, the team said with medium-high confidence that the same threat actors behind the October 2024 Radiant Capital hack had executed the operation. TRM Labs estimated the drain at approximately $285 million, and the Drift post-mortem described a complex scheme in which individuals used $1 million of their own capital and met in person with Drift team members to infiltrate the protocol's structure.

On the technical side, TRM identified the critical weakness as social engineering of multisig signers combined with a zero-timelock Security Council migration. This governance design enabled attackers to execute privileged actions without the delays intended to catch unauthorized changes.

Why this matters

This shifts the risk from code alone to the people and permissions around it. For users and markets, that means a protocol can appear operational until a hidden access failure triggers a live funds event, forced withdrawals, or a sudden loss of trust.

Elliptic said the laundering patterns and network indicators matched those of prior DPRK-attributed operations and pointed to a probable compromise of administrator keys that enabled privileged withdrawals and administrative control.

Attackers earned enough trust to convert ordin
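The timelock point above, as an added example that is not code from Drift, TRM Labs or the original article: a toy Python model of an M-of-N council showing why a zero delay leaves monitoring no window to veto a privileged action that tricked signers have approved. The `Council` class, the signer names, the `monitor` guardian and all timings are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Proposal:
    action: str
    approvals: set = field(default_factory=set)
    queued_at: Optional[int] = None   # time the approval threshold was reached
    cancelled: bool = False

class Council:
    """Hypothetical M-of-N council with a mandatory delay before execution."""
    def __init__(self, signers, threshold, delay_s, guardians=()):
        self.signers, self.threshold = set(signers), threshold
        self.delay_s, self.guardians = delay_s, set(guardians)
    def approve(self, p, signer, now):
        if signer not in self.signers:
            raise PermissionError(f"{signer} is not a signer")
        p.approvals.add(signer)
        if p.queued_at is None and len(p.approvals) >= self.threshold:
            p.queued_at = now          # the timelock clock starts here
    def can_execute(self, p, now):
        return (p.queued_at is not None and not p.cancelled
                and now >= p.queued_at + self.delay_s)
    def cancel(self, p, who, now):
        # A veto only helps while the proposal is still waiting out its delay;
        # once it is executable the model assumes it has already been run.
        if who in self.guardians and p.queued_at is not None \
                and not self.can_execute(p, now):
            p.cancelled = True
        return p.cancelled

def audit(council):
    """Return findings for settings that remove the review window."""
    findings = []
    if council.delay_s == 0:
        findings.append("zero timelock: executable as soon as threshold is met")
    if not council.guardians:
        findings.append("no guardian can cancel a queued action")
    return findings

def simulate(delay_s):
    """Constructed scenario: two of three signers are tricked at t=100."""
    c = Council({"s1", "s2", "s3"}, 2, delay_s, guardians={"monitor"})
    p = Proposal("migrate council authority")
    for s in ("s1", "s2"):
        c.approve(p, s, now=100)
    immediate = c.can_execute(p, now=100)
    vetoed = c.cancel(p, "monitor", now=3700)   # monitoring reacts an hour later
    return immediate, vetoed, c.can_execute(p, now=100 + 7 * 86400), audit(c)
```

With `simulate(0)` the action is executable in the same instant the second approval lands and the later veto has nothing to stop; with `simulate(48 * 3600)` the same approvals sit in the queue long enough for the guardian to cancel them.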

Key Takeaways