The long con: How North Korean spies spent months in-person to drain $285 million from Drift
CoinDesk
North Korean hackers used sophisticated in-person social engineering to steal $285 million from Drift Protocol, signaling a shift toward more precise, targeted attacks.Summary
A new report from TRMLabs reveals that North Korean state-backed hackers are increasingly moving beyond remote operations, employing unprecedented in-person social engineering to execute high-value crypto thefts. The $285 million breach of Drift Protocol involved months of face-to-face meetings between hackers and employees. These state-sponsored groups, including DPRK and Lazarus, are now responsible for 76% of all crypto hack losses in 2026, with cumulative thefts exceeding $6 billion since 2017. Unlike previous remote-only attacks, this new, highly precise methodology demonstrates a significant escalation in the sophistication of North Korea’s cyber-criminal campaigns.
(Source:CoinDesk)