Photo: Illustrative
At Least 12 Crypto Entities Hit in Wave of Attacks After Drift Protocol Exploit
At least 12 DeFi protocols and crypto businesses have been attacked in just over two weeks following the Drift Protocol exploit on April 1, which saw losses of about $280 million in a long-running social engineering attack suspected to involve North Korean affiliated actors.
.jpeg)
At least 12 DeFi protocols and crypto businesses have been attacked in just over two weeks following the Drift Protocol exploit on April 1, which saw losses of about $280 million in a long-running social engineering attack suspected to involve North Korean affiliated actors.
The affected platforms include CoW Swap, Hyperbridge, Bybit, Dango, Silo Finance, BSC TMM, Aethir, MONA, Zerion, Rhea Finance, and Grinex exchange, showing a broad impact across both DeFi protocols and centralized services.
Major Losses: Rhea Finance and Grinex Exchange
DeFi protocol Rhea Finance lost around $7.6 million after an attacker exploited its Margin Trading feature, launching a coordinated pool manipulation attack that targeted the Rhea Lend smart contract. Blockchain security firm CertiK reported that the attacker created fake token contracts and added liquidity into new pools, likely tricking oracle and validation systems.
Meanwhile, the Russia-linked Grinex exchange suspended operations after a $13.7 million hack, blaming “unfriendly states” for the breach. The exchange has been previously linked to Russia’s crypto ecosystem and sanctions-evasion concerns.
Other April Attacks Across DeFi Ecosystem
Additional incidents include a $1.67 million reserve manipulation attack on the Binance Smart Chain TMM/USDT liquidity pool, a $410,000 exploit at bridge aggregator Dango, a $392,000 oracle misconfiguration exploit at Silo Finance, and a $423,000 access control attack affecting Aethir.
Expanding Threats and AI-Driven Social Engineering
Analysts warn that attackers are increasingly using advanced AI tools for social engineering and credential theft, improving their ability to impersonate developers and infiltrate projects.
Overall, malicious actors stole over $168.6 million from 34 DeFi protocols in Q1 2026, highlighting escalating coordinated threats across the crypto sector.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.
Live market reaction
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.
Start trading
with BloFin today
Up to $500 sign-up bonus and zero-fee trading on your first 30 days.
Buy crypto nowⓘ You will be redirected to BloFin
About the author
Emerging voice in crypto journalism with a background in fintech and digital economics. Covers DeFi, NFTs, and the evolving regulatory landscape.
BitMine Expands Ethereum Holdings With $238M Purchase, Nears 5% Supply Target
.jpeg&w=32&q=75){kind=small}
Laurisa · 
Bitcoin Price Outlook: Why BTC Could Move Toward $95K After $80K Recovery
Tristan R. · 
Trump-Linked World Liberty Files Defamation Case Against Justin Sun Over WLFI Token Dispute
Laurisa ·