North Korea’s $577 Million Crypto Heist: How It Happened
- May 29, 2026
- Posted by: Alex Reed
- Category: Related News
In the world of cryptocurrency, the stakes have never been higher. Recent hacks resulting in massive losses reveal the complex dangers lurking in the decentralized finance (DeFi) space, affecting everyday users and investors. Understanding these risks is essential, especially as they reflect broader issues in cybersecurity.
The Alarming Rise in Crypto Theft
In April 2026, two major hacks caused about $577 million in theft, accounting for an astounding 76% of all crypto thefts recorded this year. Both attacks were linked to the Lazarus Group, a hacking collective associated with North Korea. The thieves employed social engineering tactics to infiltrate systems and obtain critical information over a six-month period.
The first attack targeted Drift Protocol, a decentralized perpetual futures market, draining approximately $285 million in just twelve minutes. The hackers had built relationships with Drift contributors, attending crypto conferences to further their deception. This operation showcased how the attackers didn’t need to exploit code vulnerabilities; instead, they utilized human weaknesses.
Meanwhile, a second breach of KelpDAO, worth $292 million, raised alarms about the risks of decentralized exchanges collapsing under the weight of compromised assets. This month was labeled the worst for crypto security to date, as thefts surpassed $1 billion in total.
How Did the Attacks Unfold?
The sequence of events leading up to the Drift Protocol attack is troubling. It began at crypto conferences, where attackers posed as industry professionals. Over the months, their lies bore fruit as they built trust and access to vital information within Drift, involving community discussions and integration strategies.
When the attackers were ready, they pre-signed transactions which allowed them to seize control of significant user funds. The art of social engineering was instrumental here. By manipulating trust and exploiting relationships built over time, the hackers gained access to wallets that contained millions of dollars.
In a matter of minutes, they executed the complex plan that ripped funds from the protocol. Similarly, the KelpDAO attack victimized dreams of decentralized finance, initiating a bank run that saw billions withdrawn from lending protocols.
The Bigger Picture: State-Sponsored Hacking
These incidents expose more than just individual vulnerabilities; they reveal a state-sponsored intelligence operation. The Lazarus Group has systematically stolen roughly $6 billion in crypto since 2017, using these funds to support North Korea’s missile and nuclear weapons development.
Security experts highlight that the tactics employed by Lazarus represent a significant shift in the threat landscape. Unlike traditional hacking methods focused on exploiting code, the current wave leverages human trust as the primary point of attack. This evolution requires immediate and robust changes in operational security practices to protect against future breaches.
As the crypto industry matures, the threats have also grown increasingly sophisticated. Hackers are using advanced tools, including AI, to enhance their social engineering schemes. The same technological advancements that serve the crypto community for innovation are now twisted against it.
What This Means for You
These security breaches highlight the need for heightened awareness and operational protocols in the crypto space. Users must recognize that cyber threats can come from trusted sources and develop a healthy skepticism regarding whom to trust.
For individuals dealing with employment contracts or any official documents involving sensitive information, be cautious. If you ever need to review such agreements, legal-document-to-plain-english-translator/”>AI legalese decoder can help translate them into plain English in seconds.
As the industry grapples with these challenges, continuous education and stronger verification methods are vital for protecting user assets. By staying informed, users can contribute to a more secure future in the cryptocurrency landscape.
Need to decode legal language? Try the free AI Legalese Decoder — no registration required.
Source: https://crypto.news/north-korea-just-stole-577mn-from-crypto-with-two-attacks-heres-how/
****** just grabbed a