“We need to stop calling these ‘hacks’ and start calling them what they are: intelligence operations,” @aurbelis told @CoinDesk.
For North Korea, crypto is not a payment rail. It's a replacement for a sanctioned-out economy, which makes the ecosystem itself the target.
Read more: coindesk.com/tech/2026/04/12/…
“This is not a series of incidents; it is a cadence,” @aurbelis said.
Over $500M was siphoned in weeks across Drift and Kelp, not by breaking cryptography, but by exploiting assumptions in how systems are designed and configured.
Read more: coindesk.com/tech/2026/04/20/…
The pattern is clear.
These aren't isolated breaches. They are sustained operations, targeting how crypto systems are built and how teams operate.
For ENS, this reinforces that identity is part of the security model, not just a convenience.