North Korean operatives stole $270 million from Drift in six-month social engineering campaign

North Korean state-sponsored hackers infiltrated decentralized exchange Drift over six months, stealing $270 million through an elaborate operation involving in-person meetings and a fraudulent $1 million deposit, the company disclosed. The attackers posed as representatives of a legitimate quantitative trading firm, conducting face-to-face meetings with Drift personnel and maintaining operational security throughout a prolonged reconnaissance phase. The theft represents one of the largest confirmed North Korean cryptocurrency heists to date and demonstrates the increasing sophistication of Pyongyang's cyber operations, which have become a critical revenue stream for the sanctions-hit regime. The incident highlights vulnerabilities in decentralized finance protocols' vendor verification processes and the risks of social engineering even among technically sophisticated targets. U.S. and international