Drift Protocol on Tuesday announced a recovery plan for users following a $295 million exploit on April 1, which the project attributed to a North Korea-affiliated hacking group identified by forensic firm Mandiant. The plan centers on issuing tokenized claims to affected users and gradually making them whole through a multi-faceted recovery pool.
"The Drift team is taking considered measures to ensure that users are made whole," the team said in a statement, emphasizing that final decisions will be subject to governance votes. The protocol noted that the majority of the stolen assets, approximately 130,259 ETH, remain traceable across four wallets.
The core of the recovery effort is the issuance of a "recovery token" pegged to verified user losses, with each token representing $1 of loss. These tokens will be redeemable against a recovery pool seeded with about $3.8 million in remaining protocol assets. The pool is set to grow via protocol revenue, up to $127.5 million in support from Tether, and an additional $20 million from partners, eventually matching the total $295.4 million in losses. While some funds have been frozen, the timeline for full recovery remains dependent on fund inflows and law enforcement efforts.
This incident places Drift alongside other major DeFi platforms that have recently battled exploits linked to North Korean hackers. The recovery strategy echoes efforts by protocols like Aave, which has been involved in recovery efforts for the nearly $280 million Kelp DAO exploit. For its part, Drift plans to relaunch in the second quarter as a "security-first" exchange, implementing new multisig controls, time-locked operations, and a reduced product scope focused on perpetuals trading to prevent future attacks.
This article is for informational purposes only and does not constitute investment advice.
