Safety

Fraudulent Cryptocurrency App in Mac App Store Stole $9.5 Million From 50-Some Users

$285M Drift Protocol exploit using durable nonces and social engineering reveals Circle's inability to freeze stolen USDC, exposing stablecoin governance centralization risks.

Tuesday, April 14, 2026 12:00 PM UTC2 MIN READSOURCE: Daring FireballBY sys://pipeline

Drift Protocol, a Solana-based DeFi exchange, was exploited for $285 million through a novel attack involving durable nonces and social engineering attributed to North Korean hackers. The attackers gained administrative access and disabled risk management safeguards before converting tokens to USDC then ETH. Circle, USDC's issuer, did not freeze the stolen funds during a six-hour window, raising questions about centralized stablecoin governance.

Read original at Daring Fireball

Russia-friendly exchange says "western special service" behind $15 million cyberattack

Coordinated cyberattacks drained $15M from Russian-friendly exchanges Grinex and TokenSpot in apparent Western intelligence operation, escalating digital conflict over sanctions-era financial infrastructure.