Crypto Exchange Drift Launched a Compensation Program for Users After the Hacker Attack

• The $295 million hack of Drift Protocol forced the exchange to launch a new compensation model.
• It предусматривает the offering of a recovery token from a newly formed recovery pool.
• Users will begin receiving compensation once the fund reaches $5 million.

The decentralized exchange Drift Protocol presented a detailed recovery plan for users following the massive April 1, 2026 hack, during which approximately $295 million was lost. According to cybersecurity firm Mandiant, the attack was organized by cybercriminals linked to North Korea.

The incident became one of the most high-profile events in the DeFi sector this year. Attackers used months-long social engineering tactics, eventually compromising team members’ devices and gaining access to multisignature wallets.

Following the attack, Drift Protocol suspended key protocol functions, including trading and lending, to prevent further losses.

Where the Funds Are Now and Recovery Efforts

The Drift team states that a significant portion of the assets remains traceable and partially frozen:

• approximately 130,259 ETH ($293 million) is concentrated in four attacker wallets;
• part of the funds on the Wormhole network has been temporarily frozen until the end of July;
• 3.36 million USDC was frozen through Circle;
• Drift is working with law enforcement agencies to obtain authorization for confiscation and reissuance of assets.

In addition, the exchange launched a public bounty program: 10% of recovered funds will be awarded to security researchers and white-hat hackers.

Compensation Plan: Recovery Token and Recovery Pool

Drift Protocol proposed a multi-level compensation model for users. The key elements include:

• recovery token — a token reflecting verified losses (1 token = $1 of losses);
• recovery pool — a fund gradually replenished to provide compensation.

The initial fund size is approximately $3.8 million, but it is expected to increase through a portion of the exchange’s quarterly revenues, financial support from Tether (up to $127.5 million), and partner contributions (up to $20 million).

User payouts will begin after the fund reaches $5 million. At the same time, the mechanism stipulates that early redemption of tokens removes the right to future payments.

Drift Relaunch and Security Changes

The team plans to relaunch the protocol in Q2 2026 with a focus on security:

• implementation of a new OpSec policy for multisignatures;
• use of separate devices for signers;
• introduction of timelocks for critical operations;
• full key rotation and new smart contract addresses;
• mandatory audits before relaunch.

Drift Protocol is also restructuring its product with a focus on perpetual futures contracts, discontinuation of some auxiliary products, and transition to USDT as the primary stablecoin.

The attack on Drift became part of a broader trend. According to TRM Labs, North Korean hacker groups accounted for approximately 76% of all crypto market losses in 2026 — around $577 million in just a few months.

Such incidents are changing the industry’s approach to security. Ripple emphasized that modern attacks increasingly rely not on technical vulnerabilities but on human manipulation. The Drift hack pushed the company toward cooperation with a crypto-industry information-sharing center.

See also: "Binance Announces New Withdrawal Protection Feature"

#crypto theft #South Korea

Share: