Wed, 08 Apr · regulation

After the $285 million Drift hack, Solana's new scare shows that crypto's next security risk may already be inside

Burns Brief

The Drift exploit and Stabble's precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. The news has rattled market participants, with bears looking to push prices lower while bulls try to defend key support levels. Watch the reaction of $SOL: a decisive move above or below key levels will confirm the next trend.

The Drift exploit and Stabble’s precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. That is what makes these incidents more than isolated alarms. They suggest that some protocols may still be looking for smart contract flaws, while the real exposure lies in hiring, access, governance, and trusted relationships.

On Apr. 1, Drift suspended deposits and withdrawals and told users it was under an active attack. By Apr. 5, the team said with medium-high confidence that the same threat actors behind the October 2024 Radiant Capital hack had executed the operation. TRM Labs estimated the drain at approximately $285 million, and the Drift post-mortem described a complex scheme in which individuals used $1 million of their own capital and met in person with Drift team members to infiltrate the protocol's structure.

On the technical side, TRM identified the critical weakness as social engineering of multisig signers combined with a zero-timelock Security Council migration. This governance design enabled attackers to execute privileged actions without the delays intended to catch unauthorized changes.

Why this matters

This shifts the risk from code alone to the people and permissions around it. For users and markets, that means a protocol can appear operational until a hidden access failure triggers a live funds event, forced withdrawals, or a sudden loss of trust.

Elliptic said the laundering patterns and network indicators matched those of prior DPRK-attributed operations and pointed to a probable compromise of administrator keys that enabled privileged withdrawals and administrative control.

Attackers earned enough trust to convert ordin
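The effect of a zero timelock on privileged actions, as an added example that is not from Drift, TRM Labs or the original article: a simplified Python model of a threshold multisig whose approved actions must wait out a delay during which a guardian can cancel them. All class, function, signer and action names are hypothetical, and the model does not reproduce any real protocol's governance program.

```python
from dataclasses import dataclass, field

@dataclass
class TimelockedMultisig:
    """Hypothetical model: M-of-N approval, then a mandatory wait before execution."""
    signers: frozenset
    threshold: int
    delay: int                      # seconds a queued action must wait; 0 means no timelock
    guardians: frozenset = frozenset()
    queue: dict = field(default_factory=dict)   # action id -> earliest execution time

    def propose(self, action, approvals, now):
        if len(set(approvals) & self.signers) < self.threshold:
            raise PermissionError("not enough valid signer approvals")
        self.queue[action] = now + self.delay
        return self.queue[action]

    def cancel(self, action, who):
        if who not in self.guardians:
            raise PermissionError("only a guardian can cancel")
        self.queue.pop(action, None)

    def execute(self, action, now):
        if action not in self.queue:
            raise LookupError("action is not queued (never proposed or cancelled)")
        if now < self.queue[action]:
            raise RuntimeError("timelock has not elapsed")
        del self.queue[action]
        return True

def simulate(delay, detect_after):
    """Signers approve an unwanted admin migration at t=0 (constructed scenario).
    Monitoring raises the alarm at t=detect_after; execution is attempted at the
    earliest moment the timelock allows. Returns 'executed' or 'cancelled'."""
    ms = TimelockedMultisig(frozenset("ABCDE"), 3, delay, frozenset({"guardian"}))
    eta = ms.propose("migrate-admin", {"A", "B", "C"}, now=0)
    if detect_after < eta:          # defenders only win if they react before the ETA
        ms.cancel("migrate-admin", "guardian")
    try:
        ms.execute("migrate-admin", now=eta)
        return "executed"
    except LookupError:
        return "cancelled"

if __name__ == "__main__":
    HOUR = 3600
    for delay, detect in [(0, HOUR), (HOUR, 2 * HOUR), (48 * HOUR, HOUR)]:
        print(f"delay={delay:>6}s detect_after={detect:>5}s -> {simulate(delay, detect)}")
```

The middle case shows that a delay shorter than the time it takes to notice the change gives defenders nothing to work with.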

Key Takeaways