How State-Sponsored Hackers Like DPRK Drain DeFi Protocols: Uneasy Money
This episode of Uneasy Money dives into the recent $250 million hack of Drift Protocol, suspected to be the work of North Korean (DPRK) state-sponsored hackers. The hosts—Kain Warwick, Taylor Monahan, and Luca Netz—analyze the mechanics of the attack, emphasizing that it likely involved a compromised admin key and a supply chain attack via a malicious update to the Axios dependency, which infected countless developers' systems. They stress the growing threat of sophisticated, persistent malware that can remain undetected for months, especially on Macs, which are now prime targets due to their popularity among crypto developers. The discussion shifts to the broader implications of DeFi security, criticizing Circle’s refusal to freeze assets despite public hacks, calling it a dangerous abdication of responsibility. The hosts also highlight the emergence of 'SEAL 911,' a volunteer emergency response team of crypto security experts who coordinate during crises. Later, they explore the leak of Claude Code’s source code, noting its shocking volatility—where code is replaced every few months—and the resulting 'code laundering' phenomenon. They debate the implications: while the leak undermines proprietary advantage, it accelerates open-source innovation by exposing hard-earned engineering tricks. The episode concludes with reflections on the changing nature of software development, where planning and human archetypes matter more than code literacy, and the importance of leveraging individual strengths in teams.
Key takeaways include: 1) Treat your development devices as high-security assets—use isolated, rotating machines; 2) Pin dependencies and enforce minimum age thresholds to prevent supply chain attacks; 3) Use EDR tools like CrowdStrike, not just AV, to detect behavioral anomalies; 4) Never assume code is secure just because it’s open—malware can be silently embedded; 5) The future of software development is shifting left: focus on intent and planning, not code syntax; 6) Understand your team’s cognitive archetypes to improve communication and execution; 7) In crises, rely on trusted networks like SEAL 911—don’t go it alone; 8) The era of 'code as a moat' is over—value lies in execution, not just the code itself.
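An added example (not from the episode or from any project it discusses) of the "pin dependencies and enforce minimum age thresholds" takeaway: a Node.js check that flags dependencies that are not pinned to an exact version, or whose pinned release is younger than a policy threshold. The package names, timestamps and the 7-day threshold are constructed assumptions.

```javascript
// Added example: audit direct dependencies for exact pins and a minimum release age.
// All package names, versions and timestamps below are constructed sample data.
const MIN_AGE_DAYS = 7; // assumed policy threshold, not a value from the episode

// Exact pin = a bare semver version; ranges (^, ~, >=, *, x), tags and URLs all fail.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;

function auditDependencies(deps, publishTimes, now, minAgeDays = MIN_AGE_DAYS) {
  const findings = [];
  for (const [name, spec] of Object.entries(deps)) {
    if (!EXACT.test(spec)) {
      findings.push({ name, spec, issue: "not-pinned" });
      continue; // a range can resolve to a release that did not exist at review time
    }
    const published = publishTimes[name] && publishTimes[name][spec];
    const publishedMs = published ? Date.parse(published) : NaN;
    if (Number.isNaN(publishedMs)) {
      findings.push({ name, spec, issue: "no-publish-time" }); // fail closed
      continue;
    }
    const ageDays = (now.getTime() - publishedMs) / 86400000;
    if (ageDays < minAgeDays) {
      findings.push({ name, spec, issue: "too-new", ageDays: Math.floor(ageDays) });
    }
  }
  return findings;
}

// Constructed "dependencies" block from a package.json.
const sampleDeps = {
  "example-http-client": "^1.6.0", // caret range: floats to newer releases
  "example-logger": "3.2.1",       // pinned, released long ago
  "example-parser": "2.0.4",       // pinned, but released two days before the audit
  "example-internal": "1.0.0",     // pinned, no registry metadata available
};

// Constructed publish times, shaped like the version -> ISO timestamp map
// that npm registry metadata exposes under "time".
const samplePublishTimes = {
  "example-logger": { "3.2.1": "2025-01-10T12:00:00Z" },
  "example-parser": { "2.0.4": "2026-03-30T09:00:00Z" },
};

const sampleNow = new Date("2026-04-01T09:00:00Z");
console.log(auditDependencies(sampleDeps, samplePublishTimes, sampleNow));
```

Run as a CI gate, a non-empty result would fail the build until the dependency is pinned or the release has aged past the threshold.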
Introduction and the Drift Protocol Hack
The hosts open the episode with a disclaimer and sponsor reads, then immediately dive into the $250 million Drift Protocol hack, noting the lack of a post-mortem and the growing suspicion that DPRK is behind it, especially given the timing and pattern of recent attacks.
The Axios Supply Chain Attack and DPRK Tactics
“They're not the brightest bulbs in the bulb factory. Put it that way.”
Device Security and Malware Detection
“If your computer is completely compromised in the way that DPRK compromises computers, that token, they take that token and reuse it.”
The Drift Hack Mechanics and Protocol Response
“You've deliberately given up the sanctity of your protocol to the U.S. government.”
The Rise of SEAL 911 and Crisis Response
“If you ever literally anyone listening to this, if you ever like need help with anything, that's like slightly security plus crypto... seal 9-1-1 is literally it.”
“The value of code was so high because it was so expensive to do it that if you built the best code base in the world... it's just incredibly valuable. And yet here we are. It doesn't even matter.”
Hosts
DPRK (other)
Claude Code (product)
SEAL 911 (organization)
Drift Protocol (other)
Anthropic (organization)
Axios (product)
Circle (organization)
CrowdStrike (organization)
OpenAI (organization)
Zoom (product)
