Wed, 08 Apr · regulation

After the $285 million Drift hack, Stabble's scare shows crypto's next security risk may already be inside

Burns Brief

The Drift exploit and Stabble's precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. The news has rattled market participants, with bears looking to push prices lower while bulls try to defend key support levels. Watch for volume confirmation: a break above average volume would indicate that the trend is likely to continue.

The Drift exploit and Stabble’s precautionary warning point to a difficult crypto security problem: the next major breach may begin long before funds move on-chain. That is what makes these incidents more than isolated alarms. They suggest that some protocols may still be looking for smart contract flaws, while the real exposure lies in hiring, access, governance, and trusted relationships.

On Apr. 1, Drift suspended deposits and withdrawals and told users it was under an active attack. By Apr. 5, the team said with medium-high confidence that the same threat actors behind the October 2024 Radiant Capital hack had executed the operation. TRM Labs estimated the drain at approximately $285 million, and the Drift post-mortem described a complex scheme in which individuals used $1 million of their own capital and met in person with Drift team members to infiltrate the protocol's structure.

On the technical side, TRM identified the critical weakness as social engineering of multisig signers combined with a zero-timelock Security Council migration. This governance design enabled attackers to execute privileged actions without the delays intended to catch unauthorized changes.

Why this matters

This shifts the risk from code alone to the people and permissions around it. For users and markets, that means a protocol can appear operational until a hidden access failure triggers a live funds event, forced withdrawals, or a sudden loss of trust.

Elliptic said the laundering patterns and network indicators matched those of prior DPRK-attributed operations and pointed to a probable compromise of administrator keys that enabled privileged withdrawals and administrative control.

Attackers earned enough trust to convert ordin
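A minimal model of the zero-timelock weakness TRM describes above, showing why a delay only helps when it outlasts detection time. This is an added example, not code from Drift, TRM Labs or the original article; the `Timelock` class, signer names, action name and timing values are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Timelock:
    """Generic timelocked admin queue (hypothetical model, not Drift's code)."""
    delay: int            # seconds between signer approval and execution
    threshold: int        # approvals required from the signer set
    signers: frozenset
    queue: dict = field(default_factory=dict)  # action -> earliest execution time

    def schedule(self, action, approvals, now):
        # Only approvals from known signers count toward the threshold.
        if len(set(approvals) & self.signers) < self.threshold:
            raise PermissionError("not enough signer approvals")
        self.queue[action] = now + self.delay
        return self.queue[action]

    def cancel(self, action):
        # Guardian veto: only possible while the action is still queued.
        return self.queue.pop(action, None) is not None

    def execute(self, action, now):
        eta = self.queue.get(action)
        if eta is None:
            return "rejected: not queued"
        if now < eta:
            return "rejected: timelock pending"
        del self.queue[action]
        return "executed"

def simulate(delay, monitor_latency):
    """Deceived signers approve an admin migration at t=0; the team's
    monitoring raises an alert monitor_latency seconds later."""
    tl = Timelock(delay, threshold=2, signers=frozenset({"s1", "s2", "s3"}))
    eta = tl.schedule("migrate_admin", ["s1", "s2"], now=0)
    if eta > monitor_latency:
        tl.cancel("migrate_admin")   # alert lands inside the delay window
    return tl.execute("migrate_admin", now=eta)

if __name__ == "__main__":
    for delay in (0, 300, 172_800):  # constructed values, in seconds
        print(delay, simulate(delay, monitor_latency=600))
```

Meeting the signer threshold does nothing for the zero-delay case, because validly signed approvals are exactly what social engineering produces; a veto is only possible when the delay is longer than the time it takes to notice the queued action.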

Key Takeaways