
Drift Protocol Hacked - $280 Million Stolen in Heist

BleepingComputer
Tags: Drift Protocol, Solana, financial theft, crypto, PeckShield

Basically, hackers stole $280 million from a trading platform by taking control of its admin powers.

Quick Summary

A major security breach at Drift Protocol has resulted in a staggering $280 million loss. The attackers did not exploit any flaws in Drift's programs or smart contracts; they took control of the platform's Security Council administrative powers. Users are advised to avoid depositing funds while investigations are ongoing.

What Happened

On April 1, 2026, the Drift Protocol, a decentralized finance (DeFi) trading platform built on the Solana blockchain, reported a significant security breach. Hackers seized control of the platform's Security Council administrative powers, leading to an estimated loss of $280 million. The attack was meticulously planned and executed, showcasing the evolving tactics of cybercriminals in the cryptocurrency space.

How the Attack Worked

The attackers employed a sophisticated strategy by leveraging durable nonce accounts and pre-signed transactions. This allowed them to delay the execution of malicious transactions until the perfect moment. Between March 23 and March 30, they set up these accounts and obtained 2 out of 5 multisig approvals from Security Council members, which enabled them to pre-sign transactions that would later be executed simultaneously with a legitimate transaction on April 1st.
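For defenders, the pattern described above can be audited: a transaction that opens with the System Program's AdvanceNonceAccount instruction does not expire with its blockhash, so any such transaction carrying governance signatures deserves review. The sketch below is an added example, not code from Drift or the original article; the record layout, field names, key names and the `scan` and `nonce_instruction` helpers are simplified assumptions, and the sample data is constructed.

```python
SYSTEM_PROGRAM = "11111111111111111111111111111111"
COUNCIL = {f"COUNCIL_KEY_{i}" for i in range(1, 6)}  # constructed placeholder keys
THRESHOLD = 2  # approvals the page says were obtained (2 of 5)

def nonce_instruction(tx):
    """Return the leading AdvanceNonceAccount instruction, or None.
    A durable-nonce transaction must start with that System Program
    instruction; it stays valid until the nonce is advanced.
    """
    ixs = tx.get("instructions") or []
    if ixs and ixs[0].get("programId") == SYSTEM_PROGRAM \
            and ixs[0].get("type") == "advanceNonce":
        return ixs[0]
    return None

def scan(txs, council=COUNCIL, threshold=THRESHOLD):
    """List durable-nonce transactions that carry council signatures."""
    findings = []
    for tx in txs:
        ix = nonce_instruction(tx)
        signers = sorted(council.intersection(tx.get("signers", [])))
        if ix is None or not signers:
            continue
        authority = ix.get("info", {}).get("nonceAuthority")
        findings.append({
            "signature": tx["signature"],
            "council_signers": signers,
            "meets_threshold": len(signers) >= threshold,
            # If the nonce authority is not a council key, the signers cannot
            # advance the nonce themselves to invalidate what they signed.
            "authority_is_council": authority in council,
        })
    return findings

# Constructed sample records (not real chain data).
SAMPLE = [
    {"signature": "SIG_A", "signers": ["COUNCIL_KEY_1"],
     "instructions": [{"programId": "PROGRAM_X", "type": "vote"}]},
    {"signature": "SIG_B", "signers": ["COUNCIL_KEY_2", "COUNCIL_KEY_1", "OUTSIDER"],
     "instructions": [{"programId": SYSTEM_PROGRAM, "type": "advanceNonce",
                       "info": {"nonceAccount": "NONCE_1", "nonceAuthority": "OUTSIDER"}},
                      {"programId": "PROGRAM_X", "type": "adminAction"}]},
    {"signature": "SIG_C", "signers": ["OUTSIDER"],
     "instructions": [{"programId": SYSTEM_PROGRAM, "type": "advanceNonce",
                       "info": {"nonceAccount": "NONCE_2", "nonceAuthority": "OUTSIDER"}}]},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```
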

Who's Affected

The breach has had a widespread impact on the Drift Protocol's users. The platform has 200,000 traders and a trading volume exceeding $55 billion. Following the loss, all protocol functions have been frozen, affecting borrow/lend deposits, vault deposits, and trading funds. However, the protocol assured users that DSOL assets and the insurance fund remain secure.

What Data Was Exposed

While the attackers did not exploit any flaws in the Drift Protocol's programs or smart contracts, the breach highlights vulnerabilities in governance structures. The hackers introduced a malicious asset, removed withdrawal limits, and drained funds, all while maintaining the appearance of legitimate transactions.

What You Should Do

Drift Protocol has urged users to refrain from depositing any funds until further notice. They are currently collaborating with security firms, cryptocurrency exchanges, and law enforcement to trace and freeze the stolen assets. Users should remain vigilant and monitor their accounts for any unusual activity.

Future Actions

Drift Protocol has committed to publishing a detailed post-mortem report to shed light on the incident and improve security measures. This breach serves as a stark reminder of the importance of robust security practices in the rapidly evolving DeFi landscape.

🔒 Pro insight: This incident underscores the need for enhanced governance mechanisms in DeFi protocols to prevent similar attacks in the future.

Original article from BleepingComputer · Bill Toulas
