How 'Booth Babes' at Crypto Conferences Could Lead to Big Hacks Like Drift's

8 snips

Apr 8, 2026

Amanda Wick, crypto compliance lead at VerifyVASP, and Michael Lewellen, blockchain security pro from Turnkey, unpack a six‑month in‑person long con that enabled the $285M Drift hack. They probe conference social engineering, Potemkin identities, use of USDC for laundering, why stablecoin freezes lag, booth-access risks, nation‑state tradecraft, and practical operational defenses.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Long Term In-Person Intel Led To Multisig Compromise

The Drift hack was a long-term intelligence operation that used in-person trust-building at conferences to compromise engineers and admin multisigs.
Attackers cloned repos, exploited endpoint vulnerabilities, and obtained pre-signed multisig transactions weeks before execution.

INSIGHT

Nation State Hacking Has Become Organized Revenue Operations

Nation-state actors like DPRK now run franchise-style, revenue-driven hacking operations that use intermediaries and proxies.
These groups target high-value crypto teams because stolen crypto funds materially fund state programs and are worth sustained effort.

INSIGHT

Conference Booths And BD Are Real Attack Surfaces

Non-technical conference practices like hiring booth staff can create attack surfaces by granting access to prospective customers.
Casual BD interactions at conferences may leak PII or operational details attackers can exploit later.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

The Drift hack wasn't a one-off exploit. It was a patient operation spanning months, with nation-state actors working the conference circuit. Then Circle let the hackers take the money.

Bitcoin’s application layer, Citrea, launched its mainnet, expanding Bitcoin’s utility to privacy, lending, BTC yields, and more.

Citrea enables:

cBTC: The first trust-minimized Bitcoin on a fully programmable platform.

ctUSD: A native stablecoin for Bitcoin, allowing for unified liquidity.
Bitcoin Capital Markets bringing demand, and utility to the Bitcoin Network.

Explore the Citrea Ecosystem. http://citrea.xyz/unchained

===============================================================================

Ether.fi is giving Unchained listeners 15% cashback on food and ride apps — and that's on top of the 3% you get on everything else.

Your bank is charging you to use your own money. Laura switched and loves her card!

Go to http://ether.fi/unchained to claim your offer.

===============================================================================

The Drift hack looked like a typical smart contract exploit until the postmortem revealed something far more elaborate: a six-month DPRK intelligence operation involving in-person social engineering at crypto conferences, fully constructed professional identities, and a $1 million deposit to build trust.

Then, after $232 million in USDC was stolen, Circle declined to freeze the funds while attackers bridged them across chains for six hours during business hours.

Michael Lewellen from Turnkey and Amanda Wick from VerifyVASP tackle what the Drift compromise teaches about operational security in crypto, why Circle's decision raises hard questions about stablecoin issuer responsibility, and whether the legal framework is forcing companies to choose between compliance and doing what's right.

Host:

Laura Shin, Host / Unchained

Guests:

⁠⁠⁠⁠Amanda Wick, Head of Americas at VerifyVASP
⁠⁠⁠⁠Michael Lewellen, Head of Solutions Engineering at Turnkey

Learn more about your ad choices. Visit megaphone.fm/adchoices