Drift DeFi platform suspends operations after hack steals up to $285 million

The decentralised finance (DeFi) platform Drift has suspended all deposits and withdrawals following a confirmed security breach. The company stated on social media platform X that it was "experiencing an active attack" and was working to "contain the incident."

Initial analyses by blockchain security firms suggest the losses are substantial. CertiK reported that hackers may have stolen approximately $136 million, while analytics firm Arkham estimated the figure to be around $285 million in cryptocurrency.

Largest Theft of the Year

If confirmed, the attack on Drift would constitute the largest cryptocurrency theft of 2026 so far, according to the Rekt leaderboard, a site that tracks major crypto hacks by value. The identity of the attackers remains unclear, and a spokesperson for Drift did not immediately respond to requests for comment.

Security researchers have previously identified North Korea as the most prolific actor in crypto theft last year, with regime-linked groups netting at least $2 billion in stolen digital assets. These funds are believed to finance North Korea's nuclear weapons programme and circumvent international sanctions restricting its access to the global financial system.

Context and Industry Impact

The incident highlights ongoing security vulnerabilities within the DeFi sector, where automated, code-based protocols manage billions in user funds. Major hacks have repeatedly shaken investor confidence, prompting calls for enhanced security audits and insurance mechanisms.

Drift has not provided a timeline for resuming services or details on potential user reimbursement. The platform's team stated it is conducting a full investigation and collaborating with relevant authorities and security partners.