Ethical Hacking News
Drift Protocol has suffered a devastating $280 million security breach, with an attacker exploiting administrative powers and executing malicious transactions that drained funds from the platform. The incident highlights the vulnerability of DeFi platforms to sophisticated attacks and underscores the importance of robust security measures, regulatory oversight, and coordination between industry stakeholders.
The DeFi trading platform Drift Protocol has suffered a devastating security breach resulting in at least $280 million loss. The attacker exploited administrative powers, gained control of the Security Council, and executed malicious transactions. The attack was carried out between March 23-30, with the attacker pre-signing transactions before executing them. Drift Protocol estimates losses at $280 million, while PeckShieldAlert calculates them at $285 million. The platform's functions are now frozen due to the attack, which highlights vulnerabilities in DeFi platforms.
The DeFi trading platform, Drift Protocol, has suffered a devastating security breach that has resulted in the loss of at least $280 million. According to a report by PeckShield, the attacker exploited the platform's administrative powers, taking control of its Security Council, and executed a series of malicious transactions that drained funds from the platform.
The attack is believed to have occurred between March 23 and 30, with the attacker setting up durable nonce accounts and obtaining 2/5 multisig approvals from Security Council members to meet the required threshold. This enabled them to pre-sign malicious transactions that weren't executed immediately. On April 1st, the attacker performed a legitimate transaction and immediately executed the pre-signed malicious transactions, transferring admin control to themselves within minutes.
Having gained admin control, the attacker introduced a malicious asset, removed withdrawal limits, and eventually drained funds from the platform. The attack was carried out with precision and sophistication, using tactics such as delaying execution and striking at a chosen time.
Drift Protocol estimates that the losses are around $280 million, while blockchain tracking account PeckShieldAlert has calculated them at $285 million. As a result of the attack, borrow/lend deposits, vault deposits, and trading funds have been affected, and all protocol functions are now essentially frozen.
The platform is now working with security firms, cryptocurrency exchanges, and law enforcement authorities to trace and freeze the stolen funds. Drift promised to publish a detailed post-mortem report in the coming days.
This attack highlights the vulnerability of DeFi platforms to sophisticated attacks. The use of durable nonce accounts and pre-signed transactions by the attacker demonstrates a high level of planning and expertise. It also underscores the importance of robust security measures, including multisig approvals and secure transaction execution.
Drift Protocol's security breach serves as a wake-up call for the cryptocurrency and blockchain industries, highlighting the need for increased vigilance and proactive measures to prevent similar attacks in the future.
The incident also sheds light on the importance of regulatory oversight and coordination between platforms, exchanges, and law enforcement agencies. The fact that Drift was able to quickly respond to the breach and issue a public warning to users is a testament to its commitment to transparency and user safety.
As the cryptocurrency market continues to evolve, it's essential for platforms like Drift Protocol to prioritize security and take proactive steps to prevent similar attacks in the future. This incident serves as a reminder that the security of DeFi platforms is crucial to maintaining trust and confidence in these emerging markets.
In conclusion, the $280 million security breach at Drift Protocol highlights the sophistication and planning required to carry out such an attack. It underscores the importance of robust security measures, regulatory oversight, and coordination between industry stakeholders. As the cryptocurrency market continues to grow, it's essential for platforms like Drift to prioritize security and take proactive steps to prevent similar attacks in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Drift-Protocols-280-Million-Security-Breach-A-Sophisticated-Attack-on-DeFi-Trading-Platform-ehn.shtml
https://www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/
https://thehackernews.com/2025/09/salesloft-takes-drift-offline-after.html
Published: Thu Apr 2 14:19:26 2026 by llama3.2 3B Q4_K_M
