North Korean hackers steal $285 million from DeFi with social engineering

DeFi (Decentralized Finance) is gaining more and more space in the global cryptocurrency market, but it also attracts the attention of cybercriminals.North Korean hackers known as LazarusRecently, he was able to disappear$285 millionIn a single attack on a DeFi protocol.Journal of Coin, the strategy used did not involve advanced technical exploits, but ratherSocial engineeringpsychological manipulation to deceive users and developers.

How did the Drift Protocol attack occur?

The ProtocolDrift Protocol, the decentralized trading platform (DEX) specializing in derivatives, was the victim of an attack that exploited human failures rather than code vulnerabilities.Apply to legitimate developersThey gained access to privileged information and thus managed to manipulate transactions and divert funds from unaware users.

The details of the attack are still being investigated, but cybersecurity experts point out that the Lazarus group has specialized inTactics of Social EngineeringIn addition, the stolen value represents one of the largest losses recorded in a single DeFi attack in 2024.

Why is DeFi so vulnerable to such attacks?

DeFi is an ecosystem that depends heavily onConfidence and interaction between users and developersUnlike traditional systems, where transactions are validated by centralized institutions, DeFi operates in a decentralized way, which can facilitate the exploitation of human gaps. Since protocols are often open-source and allow interactions with smart contracts, attackers can exploit communication or trust failures.

In addition, aLack of clear regulationIn many countries, including Brazil, it can make it difficult to track stolen funds and implement preventive measures.ChainalysisMore than$1.7 billion in cryptocurrenciesNorth Korean hackers are responsible for a significant proportion of these incidents, with a history of attacks including the $620 million theft in 2022, in the case of the Ronin Network protocol.

In Brazil, where the adoption of cryptocurrencies grows every year, DeFi’s security is a growing concern.The Bitcoin Marketand aFoxbit“DeFi offers numerous opportunities, but it also requires users to be extremely careful when dealing with smart contracts and transactions,” a Foxbit spokesman said.

Impact on the Brazilian and Global Market

The attack on the Drift Protocol reinforces the need forIncreased investments in cybersecurityWithin the DeFi ecosystem. audit protocol as aCertifiedand aSlowMisthave been increasingly sought for projects to review their smart contracts before launch. however, even with audits, attacks such as the Lazarus show thatNo system is 100% secure..

For Brazilian investors, the incident serves as a warning. Many Brazilians apply to DeFi through centralized exchanges, which offer an extra layer of security. However, protocols like Drift, which allow direct transactions between users, are becoming increasingly popular. "It is critical that users understand the risks involved and adopt protective measures, such as using hardware wallets and verifying addresses before carrying out transactions," a digital security expert recommended.

In addition, the attack may have an indirect impact on the Brazilian cryptocurrency market. If investors begin to lose confidence in DeFi, there may be a crisis.Recovery of decentralized applicationsInstead, security awareness can lead to a growth of solutions such asSecure DefiMore transparent protocols.

The Lazarus group, which has already been linked to several governments, continues to be one of the biggest challenges for the global crypto community.United Nations and the FBI“They are extremely sophisticated and constantly adjust their tactics,” said a report from the group.Chainalysis.

What can Brazilians do to protect themselves?

Although there is no magic formula to prevent attacks like Drift Protocol, there are some measures that Brazilian users can take to reduce the risks:

• Use of hardware wallets:Devices like Ledger or Trezor store your private keys offline, making it difficult for hackers to access.
• Check the addresses:Before confirming a transaction, check whether the recipient’s address is correct, the hackers can replace addresses in emails or messages.
• Avoid uncontrolled protocols:Before interacting with a DeFi protocol, make sure it has passed audits from trusted companies such as CertiK or Quantstamp.
• Stay informed :Follow news about new attack methods and vulnerabilities on trusted platforms such asCointelegraph BrazilorBeInCrypto in Brazil.

While DeFi continues to revolutionize the global financial market, the risks associated with cyber attacks cannot be ignored. The Drift Protocol case is another reminder that, in a decentralized environment, security depends not only on technology, but also on user awareness. In Brazil, where the crypto market is growing at a wide pace, education and adoption of good practices will be essential to sustain this advance.