加密韋馱|Skanda 🔶
加密韋馱|Skanda 🔶|Apr 05, 2026 07:15
Regardless of whether Drift's claim about North Korean hackers is true or not In the current cycle, DeFi project owners' self theft is basically a thing of the past. The theft incidents that you can see exceeding $20 million are basically 'real thefts' I have participated in the aftermath of multiple major DeFi security incidents on the front line, and the entire aftermath process was actually very complicated: -At the moment of the accident, you need to locate the cause of the accident within a very limited time (usually only a few dozen minutes) and take emergency measures to try to terminate the theft of funds -At the same time, the ecology you are in CEX、 Upstream and downstream partners, users, and public social media will bombard your various contact channels, and you also need to be the first to communicate and appease them -Then at this point, it is necessary to contact a considerable number of law enforcement agencies, including but not limited to Homeland Security, IRS, national law enforcement agencies, security companies specializing in handling such security incidents, cross chain bridges, stablecoin issuers, and so on -During this time period, you are basically unable to maintain information synchronization with external parties, especially with the public domain. One is that it is not allowed by law, and the other is that you are still in the stage of offensive and defensive game (such as trying to see if you can contact the attacker to accept the white hat), so it is impossible to be transparent to the outside world That's why many project parties at this stage are criticized and accused of self theft, which is why they can't prove themselves and respond Wait until all of this is over before we can start giving post motem, conducting community and ecological briefings, explaining the cause and effect of the accident, and developing compensation and aftermath plans Note: The above mentioned events occurred in a very short period of time. If the team has no previous experience or no contingency plan, it is simply impossible to cope It is basically impossible to rely on the three parties other than CEX, such as the USDC issue mentioned by @ zachxbt - everyone is like everyone else sweeping the snow, especially for these North American "compliant" infrastructure projects, where the legal process alone takes several months to complete. If we wait for them to solve the problem, the yellow flowers will be completely cold As for self theft under surveillance, with so many eyes fixed on it, and law enforcement agencies always assuming it to be the first to intervene, it is necessary to share all material progress as soon as possible, and there is no room for it (of course, theft after resignation is another matter). If you want to rug, there are more and smarter ways to do it, it's impossible to make it so widely followed across the internet For safety, there are actually several counterintuitive perceptions after practical operation: The more accidents like this occur, the more it will drive the emergence of centralized solutions like the private chain perp "DEX", such as Hyperliquid or some other private chain partners, which are essentially distributed server structures, non KYC, and CEX for verifying withdrawals The theft of DAPP level exchanges on the chain cannot prevent the outflow of funds. Attackers can quickly launder funds through cross chain bridges and other means But private chains are essentially centralized servers, where nodes get stuck and network cables are unplugged, making it impossible to withdraw funds. This is the ultimate solution Many of these project parties, including centralized exchanges, demonstrated to their big LPs and MM that they dared to decisively unplug the network and take on the risk of community criticism, which earned their trust and led to large-scale growth Of course, the trade-off here is: do you think the project party has a higher chance of wrongdoing, or is the probability of North Korean hacker attacks higher 2. Full open source projects face greater security pressure: If this protocol is fully open source, it's like you're in the open and the attacker is in the dark. They have plenty of time and information to study how to attack, while the vast majority of open-source DeFi cannot be forked by the entire network and maintained by everyone like Uniswap and AAVE; But relying on a team and a company to maintain, the benefits of open source have not been realized, and there are also many disadvantages After an attack occurs, many protocols will be accused of not being open source for the attack, but in fact, if both non open source protocols are successfully attacked, then open source protocols will only encounter problems faster 3. English speaking projects pose a higher level of danger Don't misunderstand, this is not a way to put oneself in the face as a Chinese project team - whoever has technical vulnerabilities is dead. But rather, the recruitment and open source collaboration methods used by English speaking project teams are more likely to encounter supply chain attacks such as North Korean hackers. Chinese projects are generally developed in a closed manner, and technical positions are not filled by trustworthy individuals. But English speaking countries are not like that. Sometimes they believe what they say about open source co construction and ignore the true existence of the Dark Jungle Law Finally, I hope the Drift team can find a way to recover their losses
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads