North Korea-Linked Hackers Escalate Crypto Attacks With $500M+ Two-Week Haul
- North Korea-linked hackers extracted over US$500M (AU$705M) from Drift and Kelp in a coordinated two-week stretch.
- Attacks focused on structural weaknesses, including Kelp’s single-verifier setup and manipulated data inputs.
- The incidents reflect a shift toward more organised, multi-layered exploits across decentralised finance systems.
Crypto markets are facing renewed pressure after North Korea-linked hackers carried out two major exploits, draining over US$500 million (AU$705 million) in slightly more than two weeks. The attacks, which targeted Drift and Kelp, highlight an increasingly coordinated strategy focused on systemic weaknesses.
The Kelp DAO exploit alone accounted for more than US$290 million (AU$408.9 million) in losses, making it the largest crypto theft of the year so far. Hackers leveraged flaws in the protocol’s configuration, particularly its reliance on a single verifier, to approve illegitimate transactions. Instead of bypassing encryption, the attackers manipulated the data inputs that the system trusted.
Related: Bitcoin Pullback Sparks $260M Liquidations as Geopolitical Tensions Rattle Markets
A Pattern Beyond One-Off Breaches
Prior to this, Drift was compromised in a US$285 million (AU$401.85 million) attack that stemmed from months of social engineering. Individuals posing as legitimate partners engaged with the platform over time, building credibility before executing the theft. This tactic represents a notable evolution in how such groups operate.
Taken together, the incidents suggest a deliberate shift toward exploiting how decentralised finance systems are structured rather than targeting isolated flaws. Experts indicate these attacks reveal weaknesses that are already known but insufficiently addressed.
North Korea has emerged as a dominant force in crypto-related cybercrime, with billions stolen over recent years and activity linked to organised state efforts. The latest breaches demonstrate how interconnected systems can magnify the impact of a single vulnerability.
Related: Vercel Breach Linked to AI Tool Compromise Raises Risk for Crypto Frontends
