Drift Protocol, a major Solana-based decentralized exchange, suffered a significant exploit on April 1, 2026, resulting in the theft of approximately $285 million in various cryptocurrencies. The attack, identified as a social engineering exploit, compromised an administrator key, allowing the attacker to manipulate withdrawal limits and drain funds from nearly 20 vaults. While initial speculation pointed to smart contract vulnerabilities, investigations revealed the attacker leveraged a compromised key to list a fraudulent market and bypass security controls. Stolen assets included JLP tokens, USDC, WETH, and other Solana-native tokens, with portions bridged to Ethereum. Drift Protocol swiftly suspended deposits and withdrawals, and is coordinating with security firms to contain the incident. The DRIFT token experienced a substantial price drop following the news. This marks the second-largest exploit in Solana’s history, impacting the broader Solana ecosystem and raising concerns about administrative key security within DeFi protocols. The incident has led to a decline in total value locked on Solana and a roughly 6% drop in SOL's price.
Source Articles
This article is based on analysis of 9 source articles from our news database.
