FinTech

Drift Protocol Exploit: Why “Social Trust” Is the Newest Cybersecurity Gap

By Rajeev Raghavan, Anand Sithian & Sarah Rippy on April 28, 2026

Posted in Cryptocurrency, Digital Assets, FinTech

What You Need to Know

Key takeaway #1: Threat actors are no longer just looking for software bugs; they are spending months building fake identities to “befriend” organizations and conduct corporate espionage.
Key takeaway #2: The Drift incident reflects a familiar Democratic People’s Republic of Korea (DPRK) playbook with an in-person twist: identity deception, relationship-building, privileged access, and rapid monetization ― the same methods central to North Korea’s remote IT worker schemes.
Key takeaway #3: Where a small group of individuals can authorize consequential financial or administrative actions, social engineering and insider-enabled compromise present significant legal, compliance, and operational risk. High-risk approvals, access governance, and hiring controls should be treated as core security measures.

The recent $285 million theft from Drift Protocol serves as a high-stakes reminder that the human element remains one of the biggest cybersecurity gaps in any organization. This was not a “hack” in the traditional sense of breaking through a digital wallet. North Korean actors used sophisticated social engineering to exploit human trust ― highlighting what looks like a “hacking” risk into valuable lessons learned for cybersecurity oversight.

OFAC Sanctions Cartel-Linked Casinos and Financial Enablers on the Southern Border

By Dmitry Bergoltsev, Caroline Brown, Carlton Greene & Anand Sithian on April 15, 2026

Posted in Digital Assets, Financial Services, FinTech, Regulatory & Enforcement

Key Takeaways

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated six individuals and entities tied to Cartel del Noreste (CDN)—one of Mexico’s most violent drug trafficking organizations—including two CDN-affiliated casinos used for money laundering and drug operations near the U.S.-Mexico border.

OFAC’s actions are the latest examples of a broader national security strategy to use sanctions, AML authorities, criminal prosecutions, and other tools to counter cartels on the U.S.-Mexico border. These efforts have targeted in particular non-traditional financial institutions such as casinos, public-facing professionals, and disinformation actors.

The State Department designated CDN as a foreign terrorist organization (FTO) on February 20, 2026, and today’s designations were issued under both Executive Order 14059 (narcotics trafficking) and Executive Order 13224 (terrorism), underscoring the U.S. government’s treatment of major cartels as hybrid criminal-terrorist threats.

Crowell Publishes Article on New York Crypto Bill in Law360

By Carlton Greene, Anand Sithian & Allison Fleming on April 8, 2026

Posted in Cryptocurrency, Digital Assets, Financial Services, FinTech, Regulatory & Enforcement

On Jan. 14, New York state Sen. Zellnor Myrie proposed legislation in the New York State Senate that would amend New York law to make it a criminal offense to operate a virtual currency business in the state without the proper license.

By introducing the possibility of criminal penalties, S.B. 8901 — the Cryptocurrency Regulation…

Crowell & Moring Ranked a Leader for Crypto-Asset Disputes by Chambers FinTech

By Paul B. Haskel, Carlton Greene & Anand Sithian on December 8, 2025

Posted in Cryptocurrency, FinTech, Litigation

Crowell has been ranked a leading firm by Chambers FinTech in the USA Nationwide Crypto-Asset Disputes category. Crowell’s Anand Sithian has been named a notable practitioner in this area.

According to Chambers, Crowell’s FinTech practice has “strong corporate, financial services and white-collar capabilities to support clients across transactions and evolving regulatory frameworks.”

Chambers FinTech offers…

menu

FinTalk