Drift Protocol halts operations after suspected $285m exploit as funds move across wallets

ambcryptoPublicado em 2026-04-01Última atualização em 2026-04-01

Resumo

Drift Protocol has halted deposits and withdrawals after confirming an active attack, with initial estimated losses around $285 million. Blockchain security firm PeckShield reported the losses span multiple assets, including $71.4M in USDC and $159.3M in JLP, among others. The attacker has begun moving funds across wallets, likely to obscure transaction trails. Unverified reports suggest the exploit may have involved a compromised administrative key, allowing manipulation of protocol parameters, though this remains unconfirmed. The incident reflects a trend of sophisticated DeFi attacks targeting governance and internal controls. An investigation is ongoing with no timeline for restoring operations.

Drift Protocol has halted deposits and withdrawals after confirming it is experiencing an active attack, with early estimates suggesting losses could reach hundreds of millions of dollars.

The protocol disclosed the incident in a public update on 1 April, stating that it is coordinating with security firms, bridges, and exchanges to contain the situation.

“This is not an April Fools joke,” the team said, adding that further updates will follow as the investigation develops.

Estimated losses near $285m as breakdown emerges

Blockchain security firm PeckShield estimated the initial losses at around $285m, based on early on-chain analysis.

A breakdown shared by the firm suggests the exploit spans multiple assets, including:

$71.4m in USDC
$159.3m in JLP
Smaller amounts across USDT, WETH, wrapped BTC, and Solana-based assets

While the figures remain preliminary, the scale places the incident among the larger DeFi exploits in recent months.

Funds begin moving across wallets

Separate on-chain tracking indicates that the attacker has already begun moving funds across multiple wallets. This is a pattern typically associated with attempts to obscure transaction trails.

Initial flows suggest assets are being split and transferred through different addresses, with some movements potentially involving cross-chain bridges. This behavior is consistent with past exploits where attackers rapidly redistribute funds to reduce traceability and recovery risk.

At the time of writing, there has been no confirmed recovery of funds.

Unverified reports point to potential exploit mechanism

Unconfirmed reports circulating on social media suggest the attacker may have gained access to a privileged administrative key, allowing them to modify protocol parameters.

According to these accounts, the attacker allegedly manipulated collateral settings, inflated the value of a low-liquidity asset, and used it to borrow higher-value tokens before draining liquidity from the system.

However, these claims remain unverified, and Drift Protocol has not confirmed the attack vector.

A growing pattern of complex DeFi exploits

The incident adds to a broader trend of increasingly sophisticated exploits targeting decentralized finance protocols, where vulnerabilities often extend beyond simple smart contract bugs.

In several recent cases, attackers have exploited governance controls, oracle mechanisms, or internal parameter systems rather than purely external vulnerabilities.

If confirmed, the suspected method in this case would reflect a similar pattern, highlighting how complex protocol design and privileged access controls can introduce new risk surfaces.

Investigation ongoing

Drift Protocol said it is working with multiple partners to investigate the breach and contain further damage. No timeline has been provided for restoring normal operations.

The full scope of the exploit, including the exact attack vector and potential recovery efforts, remains unclear.

Final Summary

Drift Protocol has paused operations following an active attack, with early estimates placing losses at around $285m.
While funds are already being moved on-chain, the exact exploit method remains unconfirmed as investigations continue.

Perguntas relacionadas

QWhat is the estimated financial loss from the Drift Protocol exploit according to initial on-chain analysis by PeckShield?

AThe estimated financial loss from the Drift Protocol exploit is approximately $285 million.

QWhat specific action did Drift Protocol take in response to the active attack?

ADrift Protocol halted all deposits and withdrawals in response to the active attack.

QWhat is one of the unverified potential mechanisms for the exploit that was circulating on social media?

AUnverified reports on social media suggested the attacker may have gained access to a privileged administrative key, allowing them to modify protocol parameters, manipulate collateral settings, and drain liquidity.

QWhich two assets made up the largest portions of the stolen funds according to the breakdown?

AAccording to the breakdown, the two largest portions of the stolen funds were $159.3 million in JLP and $71.4 million in USDC.

QWhat broader trend in decentralized finance (DeFi) does this incident contribute to?

AThis incident contributes to the broader trend of increasingly sophisticated exploits targeting DeFi protocols, where vulnerabilities often extend beyond simple smart contract bugs to include governance controls, oracle mechanisms, or internal parameter systems.

Leituras Relacionadas

$292 Million KelpDAO Cross-Chain Bridge Hack: Who Should Foot the Bill?

On April 18, 2026, an attacker stole 116,500 rsETH (worth ~$292M) from KelpDAO’s cross-chain bridge in 46 minutes—the largest DeFi exploit of 2026. The stolen assets were deposited into Aave V3 as collateral, causing $177–200M in bad debt and triggering a cascade of losses across nine DeFi protocols. Aave’s TVL dropped by ~$6B overnight. This legal analysis argues that KelpDAO and LayerZero Labs share concurrent liability, with fault apportioned 60%/40%. KelpDAO negligently configured its bridge with a 1-of-1 decentralized verifier network (DVN)—a single point of failure—despite LayerZero’s explicit recommendation of a 2-of-3 setup. LayerZero, which operated the compromised DVN, failed to secure its RPC infrastructure against a known poisoning attack vector. Both protocols’ terms of service cap liability at $200 (KelpDAO) or $50 (LayerZero), but these limits are likely unenforceable due to unconscionability, gross negligence exceptions, and potential securities law invalidation (if rsETH is deemed a security under the Howey test). Aave’s governance also faces fiduciary duty claims for raising rsETH’s loan-to-value ratio to 93%—far above competitors’ 72–75%—without adequately assessing bridge risks, amplifying the systemic fallout. Practical recovery targets include LayerZero Labs (a registered Canadian entity), KelpDAO’s founders, auditors, and identifiable Aave governance delegates. The incident underscores escalating legal risks for DeFi protocols, infrastructure providers, and governance participants.

marsbitHá 32m

$292 Million KelpDAO Cross-Chain Bridge Hack: Who Should Foot the Bill?

marsbitHá 32m

Insider Trading in War: 5 People Involved, the Highest Earner Was Arrested

On April 24, the U.S. Department of Justice arrested U.S. Army Special Forces Staff Sergeant Gannon Ken Van Dyke for insider trading related to the capture of Venezuelan President Nicolás Maduro on January 3. Van Dyke allegedly profited over $400,000 by placing bets on a prediction market, Polymarket, using insider knowledge of the covert operation. According to the indictment, Van Dyke registered an account (0x31a5) on December 26 and made a series of bets predicting Maduro’s capture and U.S. military involvement in Venezuela. He withdrew most of his funds on the day of the operation and attempted to obscure his tracks by transferring assets through crypto and brokerage accounts. This case marks the first time the DOJ has prosecuted insider trading on Polymarket. PolyBeats had previously identified five suspicious accounts, including Van Dyke’s—the highest earner—in January. The other accounts, with profits ranging from $34,000 to $145,000, remain under unofficial scrutiny but have not been charged. Their lower profits, indirect access to information, and unclear legal boundaries may complicate prosecution. Polymarket has since strengthened its market integrity rules, explicitly prohibiting trading based on confidential or insider information. Van Dyke’s arrest, nearly four months after his trades, signals increased regulatory attention and the persistent traceability of blockchain-based transactions.

marsbitHá 33m

Insider Trading in War: 5 People Involved, the Highest Earner Was Arrested

marsbitHá 33m

Bitcoin HODLing Intensifies: LTH Supply Jumps 303,000 BTC

Bitcoin long-term holders (LTHs), defined as investors holding coins for over 155 days, have significantly increased their supply by 303,500 BTC over the past month, indicating a shift toward HODLing behavior. This contrasts with the net distribution observed in late 2025. Meanwhile, short-term holders and spot ETFs have seen reduced supply. However, the recent price rally to around $77,600 is primarily driven by futures market demand, not spot buying—a pattern to January's short-lived surge. Analysts warn of potential corrections if profit-taking occurs amid weak spot demand.

bitcoinistHá 55m

Bitcoin HODLing Intensifies: LTH Supply Jumps 303,000 BTC

bitcoinistHá 55m

Bitwise: Bullish on Bitcoin's Performance in the Second Half of the Year, AI and Regulation Will Spark a New Altcoin Season

Bitwise CIO Matt Hougan and Research Lead Ryan Rasmussen express strong bullish sentiment on Bitcoin's long-term prospects, suggesting that its $1 million price target may be too conservative. They argue Bitcoin serves a dual role: as digital gold and a potential global settlement asset, especially amid declining trust in traditional monetary systems. Despite a weak Q1 2026 where nearly all crypto assets and prices saw double-digit declines, the analysts remain optimistic due to strong forward-looking catalysts, including institutional adoption via Bitcoin ETFs from major firms like Morgan Stanley and Goldman Sachs. Geopolitical instability, such as Iran’s mention of using Bitcoin for international payments, increases the value of Bitcoin’s “out-of-the-money call option” as a non-political, global settlement currency. This enhances its appeal beyond a mere store of value. . Additionally, Hougan highlights that a clearer regulatory token framework under current SEC leadership, combined with AI efficiency gains and high-performance blockchains, could fuel a new “altseason” by late 2026. This may lead to a wave of legitimate, value-capturing token projects, unlike the earlier ICO boom. . Bitwise also announced an Avalanche ETF, citing its unique architecture and rapid growth in real-world asset (RWA) tokenization, which has surged 10x to nearly $30 billion in two years. The firm believes Layer 1 blockchains are still early in their growth cycle, with significant potential ahead.

marsbitHá 1h

Bitwise: Bullish on Bitcoin's Performance in the Second Half of the Year, AI and Regulation Will Spark a New Altcoin Season

marsbitHá 1h

Bitcoin Rally To Near $80K Fuels Sharp Sentiment Rebound Across Crypto Markets

Bitcoin's recent rally towards $80,000 has driven a significant rebound in crypto market sentiment, with the Fear & Greed Index jumping 14 points to 46—its highest level since January. Analysts note that over 300,000 BTC have shifted from short-term to long-term holders in the past month, signaling stronger investor conviction. However, the rally appears largely driven by perpetual futures speculation rather than spot market demand, raising concerns about sustainability. Retail participation also remains subdued, limiting further sentiment gains. While entities like Strategy (formerly MicroStrategy) continue accumulating BTC, weak spot interest could lead to a price correction if profit-taking occurs.

bitcoinistHá 1h

Bitcoin Rally To Near $80K Fuels Sharp Sentiment Rebound Across Crypto Markets

bitcoinistHá 1h

Trading

Spot

Futuros

Artigos em Destaque

Como comprar DRIFT

Bem-vindo à HTX.com!Tornámos a compra de Drift Protocol (DRIFT) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Drift Protocol (DRIFT) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Drift Protocol (DRIFT)Depois de comprar o teu Drift Protocol (DRIFT), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Drift Protocol (DRIFT)Transaciona facilmente Drift Protocol (DRIFT) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

254 Visualizações TotaisPublicado em {updateTime}Atualizado em 2025.03.21

Discussões

Bem-vindo à Comunidade HTX. Aqui, pode manter-se informado sobre os mais recentes desenvolvimentos da plataforma e obter acesso a análises profissionais de mercado. As opiniões dos utilizadores sobre o preço de DRIFT (DRIFT) são apresentadas abaixo.