Ledger CTO: Drift Attack Method Similar to 2025 Bybit Incident, Possibly Involving North Korean Hackers

Odaily News Ledger Chief Technology Officer Charles Guillemet stated in a post that the attack method used in the Drift Protocol exploit is similar to the 2025 Bybit hacking incident, which is widely believed to be related to North Korean hackers.

He pointed out that this attack did not directly target the smart contract. Instead, it involved long-term infiltration of multi-signature signer devices, inducing them to approve malicious transactions. The relevant signers may have completed the authorization unknowingly. Guillemet believes this incident highlights that the security issues primarily stem from personnel and operational levels, rather than code-level flaws.