What happened to Drift was not a simple hack, but a multi-layered attack targeting admin nonces. The hackers stole $278.5 million via a malicious admin transfer and immediately moved the funds to Ethereum. At this point, the real issue was Circle’s inaction. For nine hours while USDC was being transferred, Circle did nothing—then attempted to freeze 16+ wallets, which also failed. Drift, Solana’s largest perpetual futures protocol, was operating with over $270 million in liquidity. After the exploit, the token price dropped by 40% (currently around $0.04). The hackers are holding the funds across four addresses, all visible on Ethereum and being tracked by blockchain analysts. The most alarming aspect is that this attack was clearly planned weeks in advance. Using durable nonces, they pre-signed transactions and gradually triggered them through calibration. This exposes just how vulnerable the governance systems of DeFi protocols can be.
Share
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.