Drift Protocol Hack Drags DRIFT Token To Record Low – $280 Million Exploit Rocks Solana DeFi

• The DRIFT token fell to an all-time low before partially recovering.
• The incident also weighed on Solana, which declined by more than 7% during the broader market selloff and was the worst-hit among the top 10 cryptocurrencies by market capitalization. 
• The platform has frozen operations and is working with partners and authorities to track and recover funds.

Drift Protocol’s (DRIFT) native token hit an all-time low over the past day after the decentralized exchange based on Solana (SOL) was hacked for $280 million. 

“Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable nonces, resulting in a rapid takeover of Drift’s Security Council administrative powers,” the firm said in a post on X. “As a result, approximately $280M was withdrawn from the protocol.”

DRIFT’s price tumbled to a record low of $0.038 after the incident, before paring its losses. The altcoin was still down 21% in the last 24 hours at the time of writing, trading at around $0.045. Retail sentiment around DRIFT’s token on Stocktwits improved to ‘bullish’ from ‘neutral’ over the past day, and chatter rose to ‘extremely high’ from ‘high’ levels. 

Drift Protocol Hack Weighs On Solana Ecosystem

The fallout from the hack extended beyond Drift. Solana was the worst-hit among the top 10 cryptocurrencies amid the current selloff. Solana’s price fell more than 7% in the last 24 hours to around $77. Retail sentiment around the altcoin on Stocktwits trended in ‘neutral’ territory over the past day, and retail chatter remained at ‘high’ levels.

 

Attack Leveraged Durable Nonce Exploit

Drift said the hack was a “highly sophisticated operation” that was weeks in the making. According to the firm, the attacker used durable nonce accounts, which allow pre-signed transactions to be executed at a later time, to pre-position access to the system.

The attacker also secured multisignature approvals in advance, potentially through social engineering or misrepresented transactions. This combination enabled control over protocol-level permissions, including the ability to introduce a malicious asset and remove withdrawal limits.

Drift said the exploit did not stem from a smart contract vulnerability or a compromised seed phrase.

Protocol Operations Halted After Breach

Following the attack, Drift said all deposits across its borrow-lend system, vaults, and trading accounts were affected. Tokens reportedly involved in the exploit include JLP, SOL, USDC, cbBTC, and wBTC.

“As a precautionary measure, all remaining protocol functions have been frozen, and the multisig has now been updated to remove the compromised wallet,” the company said.

Drift added that it is working with exchanges, cross-chain bridges, and law enforcement agencies to trace and potentially recover the stolen funds.

Read also: Bitcoin Falls Below $67,000 After Oil Spikes, Trump's Iran Warning Rattles Risk Assets

For updates and corrections, email newsroom[at]stocktwits[dot]com.