Blockchain-based decentralized finance (DeFi) protocol Drift announced a new recovery plan to recover losses following a cyber attack worth approximately $295 million on April 1. According to the team’s statement, North Korea-related hackers are held responsible for this major attack; After the incident, all trading and borrowing transactions on the platform were immediately stopped.
Size of attack and status of funds
As a result of the attack, a total of 130 thousand 259 Ethereum (ETH) was stolen from the protocol, and these assets were concentrated in four different wallet addresses. According to the information provided by Drift, most of the stolen assets are still traceable, and cyber hackers were able to limit the transfer. According to Drift, approximately $3.36 million USDC is frozen, and some assets are held in interchain transitions. The platform continues its efforts to seize funds and provide refunds through legal means.
Details of the recovery plan
Drift will issue a new token called ‘recovery token’, which represents the amounts lost by users and covers the loss of $1 each. Those who own these tokens will be able to receive payments corresponding to their value from the recovery pool that will be created over time. At the beginning of the pool, there is approximately $3.8 million remaining in the protocol. In addition, the pool will be regularly enlarged with stock exchange revenues, a maximum of 127.5 million dollars will be supported from Tether based on performance, and up to 20 million dollars will be contributed from partners. Assets in the pool will accumulate until total losses are reached; Once the targeted $295.4 million is reached, recovery tokens can be used at their full value.
The Drift team stated that they took careful precautions to completely eliminate the grievances of the users and stated that the final decisions to be taken will be determined by “governance votes”.
The platform also announced that they will give a 10 percent reward for each asset recovered from the funds stolen in the attack, and that they have launched a public reward program for this purpose. This step aims to encourage support from the community.
Reboot and industry outlook
Drift plans to relaunch as a security-focused exchange in the second quarter. In this new period, we will continue with a structure with a narrower scope focusing on multi-signature control, time-locked transactions, key renewal and only continuous futures transactions.
Shortly before Drift’s announcement, another leading DeFi protocol, Aave, also announced that it had begun conducting a large-scale recovery organization in the industry for the Kelp DAO, which suffered the second-largest cyber attack of the year. It is stated that the hacker group known to be backed by North Korea is behind this operation. This group, known as Lazarus, has attracted nearly $280 million in funding so far in 2024.
Recent attacks in the sector have once again demonstrated that security measures in decentralized finance protocols need to be constantly updated against current threats.
