Drift Protocol Hack Drains Up to $270M in Crypto

Drift Protocol confirmed it faced an active cyberattack after unusual onchain activity triggered emergency measures across the platform. The team suspended deposits and withdrawals and issued repeated warnings through its official X account.

“We are observing unusual activity on the protocol. We are currently investigating,” the team wrote. “Please do not deposit funds into the protocol while we investigate. This is not an April Fools joke. Proceed with caution until further notice.”

A follow-up message confirmed escalation.

“Drift Protocol is experiencing an active attack. Deposits and withdrawals have been suspended,” the team said. “We are coordinating with multiple security firms, bridges, and exchanges to contain the incident. This is not an April Fools joke.”

The protocol did not confirm the total losses. Independent blockchain security firms and onchain analysts placed estimates between $130 million and more than $285 million. Some datasets and trackers like Lookonchain pointed to figures closer to $270 million, which would rank among the largest decentralized finance exploits of the year.

Exploiter converts funds and moves across chains

Blockchain monitoring accounts traced rapid fund movements after the breach. Lookonchain reported that the attacker began converting stolen assets into stablecoins before bridging them out of the Solana ecosystem.

Onchain data showed that the attacker acquired 19,913 ETH, valued at about $42.6 million at the time of the observation. The movement followed a pattern common in large-scale exploits, where assets move through multiple conversions in an attempt to reduce traceability.

The attacker’s primary wallet, flagged by blockchain explorers, appeared only days before the exploit. Activity records show initial interactions with exchanges and decentralized platforms before a period of dormancy. The wallet became active again shortly before the attack.

Multiple vaults targeted as outflows accelerate

Early transaction data indicated that several vaults within Drift Protocol were affected. These included JLP Delta Neutral, SOL Super Staking, and BTC Super Staking vaults. One transfer alone involved 41.7 million JLP tokens, valued at roughly $155 million.

Additional assets such as SOL, USDC, wrapped bitcoin, and other tokens also left the platform. Blockchain tracking tools showed balances dropping sharply during the incident.

Security researchers have not confirmed the exact exploit method. Early discussions referenced possible vulnerabilities tied to smart contracts, private key compromise, or oracle manipulation. One report pointed to a novel attack involving durable nonces that allowed unauthorized control over administrative permissions.

The investigation remains ongoing, and the protocol has not published a technical post-mortem.

Market impact hits Solana ecosystem

The exploit triggered immediate market reactions across the Solana ecosystem. SOL traded near $78 after a daily drop of nearly 6%, extending an 11% weekly decline. Trading volume reached $5.8 billion over 24 hours, according to TradingView data.

The native DRIFT token also fell sharply. Prices dropped from around $0.072 to near $0.045 during the initial reaction window.

Total value locked across Solana-based protocols decreased, with several major platforms reporting outflows. Decentralized exchange activity also declined compared to earlier months.

Platform background and previous positioning

Drift Protocol launched in 2021 as a decentralized trading platform built on Solana. It offers perpetual futures trading, spot markets, lending, and borrowing services. The protocol positioned itself as a non-custodial alternative to centralized exchanges.

In earlier public statements, cofounder Cindy Leow described the ambition to build a platform comparable to mainstream retail trading apps. The project underwent multiple code audits in 2023 and 2024, according to documentation on its website.

Despite those audits, the current exploit highlights persistent risks across decentralized finance platforms. Data from Chainalysis shows that crypto theft reached $3.4 billion in the previous year, with large incidents continuing to affect both centralized and decentralized services.

Ongoing response and user warnings

Drift Protocol stated it is working with external partners to contain the situation. The team has not provided a timeline for restoring normal operations. Communication remains limited to short updates through official channels.

Blockchain monitoring platforms continue to track the attacker’s wallet activity, including swaps, bridge transfers, and potential interactions with centralized exchanges.

Users received direct warnings to avoid interacting with the protocol. Security guidance from analysts included revoking wallet permissions and monitoring exposure to affected vaults.

The situation remains active. Further updates will depend on the outcome of the ongoing investigation and any recovery measures the protocol can implement.

Aave Launches on X Layer via OKX Wallet Integration | HODL FM NEWS

Aave launches on X Layer, enabling OKX Wallet users to lend, borrow, and earn yield directly on the network, with no bridging or separate wallet setup required.

HODL FM News: The Wildest Ride in the Crypto MarketGunel Ismayilova

Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that, despite the nature of much of the material created and hosted on this website, HODL FM operates as a media and informational platform, not a provider of financial advisory services. The opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice, HODL FM strongly recommends contacting a qualified industry professional.