North Korea's $285M Crypto Heist, China Breaches FBI System, Delve Faces New Allegations

7 snips

Apr 7, 2026

They unpack a $285M crypto heist tied to North Korea and the elaborate fraud and social engineering behind it. They cover a recovered Iran-linked wiper attack that exploited admin tools and raised Intune security questions. They discuss a China-linked breach of a U.S. surveillance system being called a major incident. They examine allegations that a startup repackaged open-source software and the fallout with Y Combinator.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

North Korea's Sophisticated $285M Drift Attack

North Korea executed a three-week setup using a fake Carbon Vote Token and wash trading to fool Drift Protocol's price systems.
Attackers social-engineered insiders, exploited removal of a timelock, listed the fake token as collateral, and withdrew $285 million in 12 minutes.

INSIGHT

DPRK Crypto Campaigns Scale And Target Open Source

The Drift theft pushed North Korea's crypto theft total past $7 billion after a $2.5 billion 2025 haul.
DPRK also carried out a massive supply-chain compromise of the widely used Axios package to target crypto funds.

ANECDOTE

Stryker Recovered After Massive Wiper But Patients Faced Delays

Stryker Medical recovered operations three weeks after an Iran-linked Handala group used a compromised admin account to wipe ~80,000 devices.
Production returned but some surgeries were delayed and full financial impact will surface in Q1 results.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Host David Shiple covers major cybersecurity news: investigators attribute a record $285 million April 1 hack of crypto platform Drift Protocol to North Korea, describing a three-week setup involving a fake "Carbon Vote Token," wash trading to inflate value, social engineering to pre-approve backdoored transactions, Drift's removal of a timelock, and rapid collateralized withdrawals that crashed Drift's token and are now tracked by TRM Labs; the report notes North Korea's 2025 crypto theft total of $2.5B and lifetime total surpassing $7B after this incident, alongside mention of a North Korea-linked supply-chain compromise of the widely used Axios package. Stryker Medical says it has fully recovered from a March 11 Iran-linked wiper attack that used a compromised admin account and Microsoft Intune, prompting Microsoft guidance on multi-admin approval for wipes. The FBI labels a suspected China-linked breach of a U.S. surveillance system a "major incident," likening it to the 2024 Salt Typhoon campaign, while Sen. Mark Warner cites staffing cuts and leadership turmoil at CISA. TechCrunch reports embattled compliance startup Delve faces new claims it repackaged an open-source tool (Sim Studio) as its own "Pathways," as Delve denies broader fraud allegations, says it was targeted by a malicious actor, and Y Combinator cuts ties.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst

00:00 Headlines And Sponsor 00:54 North Korea Crypto Heist 01:16 How The Drift Hack Worked 03:20 Bigger DPRK Crypto Trend 04:24 Stryker Wiper Recovery 06:39 China Breach Major Incident 08:38 Policy And Staffing Fallout 09:37 Delve Startup In Crisis 10:29 Stolen Software Allegations 13:12 Delve Fights Back YC Cuts Ties 14:35 Wrap Up And Thanks 15:12 Sponsor Message Meter