Decentralized finance platform Drift just had a really bad day. The company suspended all withdrawals and deposits after discovering what it calls an “active attack” on its systems. And based on early assessments from security researchers, the damage is substantial.
Blockchain security firm CertiK estimates that hackers stole around $136 million. Crypto analytics firm Arkham put the number closer to $285 million. If the higher figure holds up, this becomes the largest crypto theft of 2026 so far, according to Rekt, the leaderboard that tracks these things like some grim scoreboard of the industry’s failures.
The details are still emerging. Drift hasn’t released a full post-mortem. A company spokesperson didn’t respond to requests for comment. So we’re working with fragments and guesses at this point, which is never ideal when nine-figure sums vanish from a platform.
The Usual Suspects
Here’s what’s worth noting: security researchers fingered North Korea as responsible for most crypto thefts last year, netting at least $2 billion in stolen cryptocurrency. Those funds apparently help finance the regime’s nuclear weapons program and dodge international sanctions. So crypto theft isn’t just some abstract technical failure or the cost of doing business in a decentralized world. It’s geopolitical.
That doesn’t mean North Korea was behind the Drift hack. We don’t know who did this yet. But it’s the backdrop worth keeping in mind. Cryptocurrency platforms are targets because the money is there, the borders don’t matter, and the trails are harder to follow than traditional banking.
A Pattern, Not an Exception
This is the thing that should bother anyone paying attention to crypto and technology more broadly. Major hacks happen with such regularity in decentralized finance that they’ve become almost expected. The industry talks endlessly about innovation, decentralization, and removing intermediaries. But removing intermediaries also means removing a lot of the security infrastructure that traditional finance built over decades.
Drift suspended withdrawals and deposits to “contain the incident.” That’s responsible. It’s also the kind of move that feels like it shouldn’t be necessary on a platform built on immutability and permanence. You’re supposed to own your own assets. You’re supposed to be in control. When something goes wrong, you’re not supposed to be locked out of your own money while a company figures out what happened.
The tension there is real. And it’s not going away anytime soon.
Whether this turns out to be a $136 million theft or a $285 million one, the math is the same: someone, somewhere, just proved once again that having a clever protocol isn’t the same as having actual security.
