Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / Cryptopolitan /
BREAKING: Drift Protocol Under Massive Attack - Over $270M Feared Stolen in Solana DEX Exploit

BREAKING: Drift Protocol Under Massive Attack - Over $270M Feared Stolen in Solana DEX Exploit

Author:
Cryptopolitan
Published:
2026-04-01 18:53:10
20
2

Drift Protocol suffered an ongoing attack against all its vaults, with over $270M feared stolen within an hour

A major security breach is unfolding at Drift Protocol, one of Solana's leading decentralized exchanges, with on-chain data revealing suspicious transactions exceeding $200M and liquidity plummeting nearly 50% within an hour. The exploit, flagged by Solana influencer Mert Mumtaz who urgently called for Circle's intervention, marks the largest Web3 attack in weeks and threatens multiple vaults across the protocol.

What caused the Drift Protocol loss? 

The exploit was intercepted within the first hour, showing a series of suspicious transactions. The latest transfer was for 10,000 SOL sent to a new wallet. Drift protocol confirmed the exploit, calling users not to deposit funds and to stop trading. The team did not explain how it would stop the attack, but for now, Phantom Wallet has stopped access to the protocol.  

We are observing unusual activity on the protocol. We are currently investigating. Please do not deposit funds into the protocol while we investigate. This is not an April Fools joke. Proceed with caution until further notice. We’ll provide additional updates from this account.

— Drift (@DriftProtocol) April 1, 2026

The losses came in a series of transactions originating from a single Drift Protocol account, potentially signaling that a user had full control of assets. The outgoing transactions included SOL, JitoSOL, WETH, FARTCOIN, USDC, SyrupUSDC, and other assets. Some of the stolen assets, like cbBTC, may be frozen by the issuer if intercepted on time before swapping. 

The attack was ongoing, constantly adding new assets supported by Drift, including JLP, over $2M in mSOL, INF, dSOL, and other tokens. The exploiter also took a little over 282 BTC and minted a new token to taunt Drift Protocol.

Some of the funds were sent to ChainFlip and swapped into USDC, a token that could hypothetically be frozen if Circle reacted on time. Some of the funds were sent to Ethereum wallets, potentially ready to be mixed and obscure their tracks. Funds are also moving to Raydium, Orca, Meteora, and other intermediary wallets.

Drift Protocol may be the biggest Web3 attack of this crypto cycle

The DEX hack is even bigger than the $60M exploit of Cetus Protocol in the summer of 2025. Cetus Protocol ended up losing over $223M. Before the exploit, Drift Protocol held over $550M in total value locked, becoming an attractive target for Web3 hackers. The protocol also carried nearly $70M in daily perpetual futures trading. 

The attack has the potential to become the most serious Web3 event in the past two years, surpassing other similar exploits. The exploit follows the usual practice of moving and swapping assets quickly, instead of leaving them in intermediary wallets. The exploiter was prepared eight days before the exploit, using multiple Web3 assets, including the Wormhole bridge. 

so, drift protocol vault was drained and I found some interesting things onchain:

drainer [ HkG…ZES ] was funded 8 days ago via near intents, but was inactive and suddenly received huge amounts from drift vault (a)

drainer transferred/swapped the amount to launderer [… pic.twitter.com/aheY3PHx3t

— aryan | 🐂 (@_0xaryan) April 1, 2026

The attack targeted Solana just as it emerged as the leading DEX destination for token trading and perpetual futures. The event also resolved a Polymarket pair predicting another large-scale crypto hack above $100M by the end of the year. 

After the hack, the protocol turned out to lack a Certik audit and to have some governance vulnerabilities. While the audit is not a guarantee, it may remove obvious exploit points. On-chain researchers noticed a test transaction a week before the true exploit, signaling the attacker was aware of the protocol’s weak points. 

Drift Protocol’s native DRIFT token fell by 10% in the first hours after the hack, down to $0.059. The attacker controls 2.5% of the FARTCOIN supply and may also crash the price of other assets. The wrapped BTC and ETH may also cause disparities with the main asset, affecting other protocols as well.

Despite the slower Web3 activity, protocols remain attractive for exploits, with multiple techniques, including supply chain attacks. In the initial stage of the exploit, the exact cause of the hack and the ability of the exploiter to empty multiple liquidity vaults remain without a clear explanation. 

The smartest crypto minds already read our newsletter. Want in? Join them.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2026 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.