How 'Booth Babes' at Crypto Conferences Could Lead to Big Hacks Like Drift's
This episode of Unchained dives into the sophisticated, nation-state-level hack of Drift, revealing that the attack was not a sudden breach but a six-month-long intelligence operation involving in-person meetings at crypto conferences. The attackers, likely linked to North Korea's UNC-4736 group, created elaborate fake identities—complete with professional backgrounds, LinkedIn profiles, and even deposits of $1 million—to gain the trust of Drift engineers. They exploited vulnerabilities in development tools like VS Code and secured admin wallet signatures weeks in advance using durable nonces, enabling a near-instantaneous attack. The discussion highlights how the crypto industry remains dangerously unprepared for such threats, with many teams treating security as an afterthought despite handling billions in value.
The episode also scrutinizes Circle’s failure to freeze $232 million in USDC during the hack, despite having the technical and legal ability to do so, drawing criticism for prioritizing legal caution over victim protection. In contrast, Tether is praised for its proactive, risk-based approach to freezing stolen funds.
The hosts and guests stress the need for better operational security, including air-gapped signing devices, endpoint protection, independent audits, and a cultural shift toward proactive defense. The episode ends with a sobering reminder that the crypto world must evolve beyond reactive measures and embrace a mindset of constant vigilance.
Nation-state actors like North Korea use long-term, in-person intelligence operations to infiltrate crypto teams, often posing as legitimate contributors.
The Drift hack was not a code exploit but an operational security failure—compromised developer devices and trusted insiders were key vectors.
Crypto teams must implement air-gapped signing systems, strict endpoint protection, and regular credential rotation to prevent similar breaches.
Circle’s failure to freeze funds during the Drift hack reflects a systemic issue: compliance over action, despite having the power to stop theft.
Tether’s proactive, risk-based freezing policy—working with security firms like ZeroShadow—provides a model for how stablecoin issuers should respond to hacks.
Introduction and Sponsorship
Laura Shin introduces the episode, sets the tone with a disclaimer, and welcomes listeners to the live stream. She promotes sponsors Citrea and EtherFi, highlighting their crypto-backed rewards and financial tools.
The Drift Hack: A Nation-State Operation
“It was a long-term, at least six month intelligence operation... they were able to get signatures on these admin wallets weeks in advance of the actual attack.”
The Illusion of Trust: Fake Identities and Booth Babes
“Every single attack vector surface really needs to be reconsidered. And it's like, you know who does think about that is DPRK, right?”
Who Are the Attackers? North Korea and Beyond
The panel explores the identity of the attackers, focusing on North Korea’s UNC-4736 group. They discuss how nation-states use intermediaries, including non-North Koreans, to avoid detection and how the attackers’ behavior reflects a franchise-style operation.
Circle’s Inaction: A Systemic Failure
“It's like they built a Tesla and they're like, oh, we're going to use the laws from back when we did horse and buggy.”
“It was a long-term, at least six month intelligence operation. And what's really wild about this is that involved in-person professionals or crypto professionals, ostensibly interacting with the Drift team...”
“The biggest hack is not a code exploit. It's an operational security failure.”
Drift (organization)
Circle (organization)
North Korea (place)
Tether (organization)
Michael Llewellyn (person)
Amanda Wick (person)
UNC-4736 (organization)
ZeroShadow (organization)
Seal911 (organization)
Zach XBT (person)
