Malware And CampaignsCampaign

DPRK Drift hack via six month social engineering and malicious code

April 6, 2026The Hacker News, Nicolas Krassas, The Cyber Security Hub™

The Hacker News and others describe a North Korea linked operation that built trust for six months, used malicious code and a fake wallet app, and stole 285 million dollars from Drift, highlighting social engineering as initial access at scale.

Open in PulseSee the full authority discussion →

QUOTES

North Korea-linked hackers spent 6 months building trust before stealing $285M from Drift.

They posed as a trading firm, met contributors in person, deposited $1M+, then used malicious code and a fake wallet app to gain access.

spend 6 months cosplaying as a quant fund. hitting conferences, shaking hands, dropping $1M of real money into the protocol

all so one dev would clone a repo

patience is the scariest exploit

VOICES

The Hacker News

Nicolas Krassas

The Cyber Security Hub™

Eric Vanderburg

payloadartist

RELATED TERMS

social engineeringinitial accessmalicious codesocial engineeringmalicious codeinitial access

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what authorities are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new authority voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security