Drift Protocol Experiences $285M Exploit, Suspend Deposits and Withdrawals
Aime Summary- Drift Protocol, a Solana-based decentralized exchange, reported a significant exploit involving $285 million in assets drained from its vaults.
- The attack is suspected to have exploited a fake token and a compromised admin key, enabling oracle manipulation that allowed the unauthorized outflow of funds.
- The stolen assets include a wide array of tokens, such as stablecoins, wrapped BitcoinWBTC--, liquid staking tokens, and memecoins, with the majority moved to Ethereum via cross-chain bridges.
Drift Protocol has temporarily suspended deposits and withdrawals as it investigates the exploit and collaborates with security firms to trace the funds. Blockchain sleuths identified a large outflow of assets, with over $285 million transferred to multiple wallets and laundered through exchanges like JupiterJUP--. This exploit marks one of the largest in SolanaSOL-- history, second only to the 2022 Wormhole breach.
The Drift Protocol's Total Value Locked (TVL) dropped from $550 million to less than $250 million following the breach. Major vaults such as JLP Delta Neutral, SOL Super Staking, and BTC Super Staking were targeted. Users are advised to avoid depositing funds and to revoke wallet approvals until further notice.
The DRIFT token experienced a significant price drop, falling over 25% to below $0.064, raising concerns about investor confidence in the platform. According to blockchain security firm Immunefi, 83% of tokens from hacked platforms fail to recover pre-hack prices. This event has highlighted the vulnerabilities in smart contract security, private key management, and oracle manipulation within the DeFi ecosystem.
DeFi Development Corp. (DFDV), a public company focused on Solana, confirmed it has no exposure to the exploit and reiterated its disciplined treasury strategy. The company's risk management approach and operational resilience remain unaffected by the Drift Protocol incident.
Onchain investigator ZachXBT criticized Circle for not freezing stolen USDC during the exploit. The attacker moved assets through Circle's Cross-Chain Transfer Protocol (CCTP) to EthereumETH--, avoiding TetherUSDT-- (USDT), suggesting anticipation of no intervention.
Drift Protocol remains under active investigation, with no confirmed exploit vector yet identified. Blockchain tools are tracking the suspicious wallet for further activity, and the team is working to restore platform security and transparency.
Investors and users are advised to monitor official channels for updates on the status of the investigation and any potential mitigation measures.
Blending traditional trading wisdom with cutting-edge cryptocurrency insights.
Latest Articles
Stay ahead of the market.
Get curated U.S. market news, insights and key dates delivered to your inbox.
AInvest
PRO
AInvest
PRO
Comments
No comments yet