Drift Protocol attributes $280 million crypto theft to six-month in-person operation

The Drift Protocol disclosed Monday that a $280 million cryptocurrency theft resulted from a meticulously planned six-month operation that included establishing physical operational presence near target personnel. The decentralized finance platform said attackers conducted sustained in-person reconnaissance and social engineering, representing a rare convergence of physical and cyber tactics in cryptocurrency heists. The operation's duration and resource commitment suggest sophisticated threat actor capabilities and substantial funding, distinguishing the incident from more common remote exploitation attacks. Drift Protocol's disclosure did not identify specific geographic locations or whether law enforcement has been engaged. The theft ranks among the largest decentralized finance exploits and raises questions about security assumptions in blockchain ecosystems, which typically emphasize cryptographic protections over physical operational security. Industry analysts noted that the attack methodology resembles techniques historically associated with nation-state actors or organized criminal groups targeting high-value traditional financial institutions, potentially indicating evolution in threat actor targeting of cryptocurrency platforms.