Drift Protocol, the Solana perpetuals exchange that lost $285 million to a North Korean hacking group on April 1, is targeting a June 2026 return with a $147.5 million recovery package from Tether and co-investors, plus a settlement switch from USDC to USDT.
Bloomberg and TRM Labs identified the April 1 attack as the largest DeFi exploit of 2026. Mandiant's forensic investigation attributed the breach to UNC6862, a North Korean state-linked threat group.
CoinDesk reported that the attackers spent roughly six months embedded inside Drift's organization, posing as a quantitative trading firm, before executing the drain.
On April 16, Drift announced a deal totaling up to $147.5 million: $127.5 million from Tether and $20 million from co-investors. The package is structured as a revenue-linked credit facility, with ecosystem grants and loans to designated market makers.
A dedicated recovery pool will target approximately $295 million in total user losses, funded quarterly from trading revenue and partner capital.
Tether's participation also changes Drift's market structure. Drift will replace Circle's USDC with USDT as its settlement asset on relaunch, with the team positioning it as the largest USDT-based perpetuals exchange on Solana.
Three security firms, Trail of Bits, Neodyme, and OtterSec, are conducting independent audits before go-live, per Drift's June 3 recovery update.
Drift hired Noah Prince, formerly Head of Protocol Engineering at Helium, where he led that network's migration to Solana, as its new Head of Protocol. Former members of the Gauntlet team are overhauling the liquidation engine and refining funding-rate and market parameters.
Drift's TVL stood at approximately $5.4 million on June 27, per DefiLlama, against a peak of $1.1 billion in October 2025.
The protocol's most recent recovery update, published June 3, did not give a confirmed go-live date. It said further timing detail would follow audit completion.