The decentralized finance (DeFi) sector is reeling after Drift confirmed it has fallen victim to a major security breach. The platform took the immediate step of suspending all deposits and withdrawals after detecting what it described as an “active attack” on its infrastructure.
A Record-Breaking Breach
While the full extent of the damage is still being assessed, blockchain security experts and data analysts have released staggering preliminary figures. The security firm CertiK reported that hackers may have siphoned off approximately $136 million. However, crypto analytics platform Arkham suggests the impact is even more severe, estimating the stolen funds at roughly $285 million.
If the higher estimates are confirmed, this incident would become the most significant crypto theft of 2026 to date. According to the Rekt leaderboard, which tracks the history of major decentralized finance exploits, a loss of this magnitude places Drift among the most targeted entities in the industry’s history.
Containment and Investigation
Drift’s technical team is currently working to contain the incident and secure the remaining assets. While the company has acknowledged the breach on social media, it has not yet provided specific details regarding the vulnerability exploited by the attackers or a timeline for when services might resume.
The Broader Threat Landscape
The identity of the perpetrators remains unknown, but the scale and sophistication of the attack mirror the tactics of state-sponsored actors. Security researchers have frequently pointed toward North Korea as a primary driver of global crypto theft. Last year alone, hackers linked to the regime were responsible for stealing at least $2 billion in cryptocurrency, using the proceeds to bypass international sanctions and fund various state programs.
