# The team behind Drift provided an update on a hack of the project that occurred on April 1.

*web3 · news · 2026-04-07 · Gizmodo*

## Key points

- The Drift hack was attributed to a six-month operation by North Korean state-linked actors.
- Attackers exploited Drift's new approval system, which removed waiting periods and required only two signatures.
- Hackers created 750 million fake CarbonVote Tokens to manipulate collateral and drain $285 million in assets.
- Private key compromise vectors included a VSCode vulnerability and a malicious TestFlight app download.
- In-person intermediaries, not North Korean nationals, facilitated the operation, matching DPRK tradecraft.

**Companies:** Drift
**Countries:** North Korea

[Read the full story on Gizmodo](https://gizmodo.com/crypto-project-details-alleged-6-month-north-korean-intel-op-behind-285-million-hack-2000741330)

---

Canonical: https://newsio.io/n/7070e203-371c-4310-98d1-2663e87baebb/the-team-behind-drift-provided-an-update-on-a-hack-of-the-project-that-occurred
Summarized by Newsio from Gizmodo. https://newsio.io/how-it-works