#DriftProtocolHacked

The $280M Breach: Unpacking the Drift Protocol Governance Attack
On April 1, 2026, the Solana DeFi landscape was rocked by what many initially hoped was a cruel April Fools’ joke. Instead, it was the most sophisticated exploit of the year: a $280M+ drain of Drift Protocol, marking the second-largest hack in Solana’s history.
The Anatomy of the Attack
This wasn't a simple "copy-paste" code bug. It was a week-long, coordinated surgical strike that bypassed Drift’s 5-of-5 multisig security.
The "Durable Nonce" Exploit: Attackers weaponized a legitimate Solana feature—durable nonces—to pre-sign malicious transactions, sitting on them until the perfect moment to strike.
Social Engineering: The attackers reportedly compromised 2 out of the 5 multisig signers. By gaining partial governance control, they dismantled withdrawal limits and listed "ghost" collateral.
The 8-Day Lead-Up: On-chain data shows the attacker meticulously prepping accounts for over a week, waiting for a specific shift in Drift’s security configuration.
The Fallout: By the Numbers
The execution took mere minutes, but the damage is generational for the protocol:
TVL Collapse: Plunged from $550M to $24M almost overnight.
Token Impact: $DRIFT plummeted 40%, currently trading around $0.040.
Assets Drained: A massive haul of USDC, wBTC, and SOL was bridged out to obscure the trail.
Hard Lessons for DeFi 2026
The Drift hack proves a terrifying reality: Code audits aren't enough if your governance is vulnerable. Even a 5-of-5 multisig can fail if the human element is compromised.
Critical Action for Users:
Stop All Deposits: The protocol is in triage mode.
Revoke Permissions: Use tools like Solflare or Phantom to revoke any open approvals to Drift contracts immediately.
Verify Links: Scammers are already circulating "refund" phish links. Follow only official channels.
This incident is a sobering reminder that in the world of high-leverage perps, the greatest risk isn't the market—it’s the infrastructure.
‍#Gate广场四月发帖挑战 #Solana #DeFiSecurity