Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Here is how Drift attackers drained more than $270 million using a Solana feature designed for convenience

Attackers used durable nonces and pre-signed approvals to seize admin control, drain more than $270 million, and freeze the protocol, researchers said.

  • On April 1, an attacker drained $285 million from Drift Protocol, a Solana-based perpetual futures exchange, marking the second-largest exploit in the network's history and highlighting security risks beyond smart contracts.
  • The exploit did not involve smart contract bugs; instead, attackers misused a legitimate Solana feature called 'durable nonces' to trick two of five Security Council multisig members into pre-approving malicious transactions.
  • Using administrative access, the attacker created a fake token called CarbonVote Token to manipulate price oracles, enabling them to drain over $250 million from Drift's shared liquidity pool.
  • Onchain investigator ZachXBT criticized Circle for failing to freeze stolen USDC as the attacker bridged over $230 million to Ethereum via Circle's Cross-Chain Transfer Protocol during U.S. business hours.
  • Security experts warn that operational failures, rather than code vulnerabilities, are becoming the primary method for DeFi exploits, as Solana's SOL token fell 5.5% to around $78 following the incident.
Insights by Ground AI

38 Articles

sherwood.newssherwood.news
Lean Left

Solana drops to price not seen since February as Drift exploit rattles sentiment

The total value locked on solana has shrunk by nearly $1 billion since the incident....

Read Full Article
Coin DeskCoin Desk
Center

Here is how Drift attackers drained more than $270 million using a Solana feature designed for convenience

The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the protocol's multisig security in minutes.

·Manila, Philippines (the)
Read Full Article
BleepingComputerBleepingComputer
Center

Drift loses $280 million as hackers seize Security Council powers

The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation.

Read Full Article
unchainedcrypto.comunchainedcrypto.com
Center

Circle Faces Backlash for Failing to Freeze Stolen USDC During $285 Million Drift Exploit

Crypto community members like ZachXBT criticized Circle of inaction while stolen USDC moved through its bridge during the Drift Protocol hack.

Read Full Article
cybernoz.comcybernoz.com

North Korea–linked hackers drain $285M from Drift in sophisticated attack

North Korea–linked hackers drain $285M from Drift in sophisticated attack Pierluigi Paganini April 03, 2026 Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highly sophisticated attack likely linked to North Korea. Threat actors used durable nonce accounts to pre-sign and delay transactions…

Read Full Article
coinspress.comcoinspress.com

From Drift to Curio: A Wave of Exploits Reveals DeFi’s Hidden Fragility

Summary: A major Solana-based DeFi protocol suffered a $280M exploit through an advanced administrative attack. The incident triggered market-wide declines […] The post From Drift to Curio: A Wave of Exploits Reveals DeFi’s Hidden Fragility appeared first on CoinsPress.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 75% of the sources are Center
75% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

Cointelegraph broke the news in on Thursday, April 2, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Cyberattacks icon

Cyberattacks

Security icon

Security

Ethereum icon

Ethereum

Cryptocurrency icon

Cryptocurrency

Blockchain icon

Blockchain

Science icon

Science

Business & Markets icon

Business & Markets

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal