North Korean state-backed hackers are suspected in a $285 million exploit on Drift, a decentralized exchange (DEX), the largest crypto hack in over a year. The attackers posed as a quantitative trading firm and approached Drift’s protocol team in person at a major crypto conference. This is believed to be a targeted approach from North Korean cyber spies who have previously targeted online and remote. The latest incident was described by chain forensics firm TRM Labs as the largest DeFi hack of 2026 and the second-largest exploit in Solana’�s history, after the $326 million Wormhole bridge hack in 2022. North Korea is suspected to be using large-scale crypto thefts alongside longer-term tactics such as placing operatives in remote roles at tech and crypto firms to generate income. The United Nations Security Council has stated that these funds are used to support the country's weapons program.