Home
News
Details

Drift Protocol Exploit Drains $285M, USDC Moved via CCTP Without Intervention

iconCoinEdition
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
USDC
$0.9997-0.01%
This is the logo of the coin.
SOL
$84.160.05%
This is the logo of the coin.
ETH
$2,240.741.03%
AI summary iconSummary

expand icon
A DeFi exploit on April 1, 2026, drained $285 million from Drift Protocol, slashing its TVL from $311.38 million to $23.49 million in hours. The attacker moved USDC from Solana to Ethereum via Circle’s CCTP without intervention. On-chain investigator ZachXBT noted no action from Circle, despite prior freezes. The protocol update failed to stop the rapid, large-scale transfers, exposing gaps in cross-chain monitoring.
  • Drift exploit drained up to $285M as TVL fell from $311.38M to $23.49M within hours.
  • USDC moved from Solana to Ethereum via CCTP with no pause or freeze.
  • Circle froze 16 wallets last week but took no action during the hack, as per ZachXBT.

A major exploit hit the Drift Protocol on April 1, 2026, during US business hours. The attack drained as much as $285 million, and the total value locked (TVL) dropped fast, from $311.38 million to $23.49 million, a 92.5% collapse in protocol liquidity within hours.

The attacker quickly consolidated and swapped assets into USDC and SOL, with the USDC then bridged to Ethereum via Circle’s CCTP over several hours.

On-chain investigator ZachXBT flagged the movement in real time. His claim was that Circle did not act.

CCTP Processes Transfers Without Resistance

CCTP works by burning USDC on the source chain and minting it on the destination chain. This system processed nine-figure flows tied to the exploit.

There was no pause, no freeze, and no manual review. ZachXBT stated that Circle did not detect or act on anything, pointing to a lack of monitoring at the protocol level.

The issue is not technical complexity, and the flows were large, rapid, and abnormal. They still passed. This highlights a gap, as cross-chain infrastructure processes transfers as intended but lacks enforcement mechanisms.

Prior Wallet Freezes Raise Questions

This stands in contrast to earlier actions, when Circle by mistake froze over 16 business-linked wallets. Those wallets are still in the process of being unfrozen.

While the issuer was the same, the actions taken were different. Market participants called out the mismatch. One noted that Circle could freeze internal wallets but failed to stop nine-figure exploit flows through CCTP.

The Drift exploit ran during active hours while monitoring teams were online. Still, no action, and market participants expressed disappointment.

Related: DeFi Hacks Top $137M in Early 2026 as Security Failures Mount

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.