Drift Protocol: No Evidence of Seed Phrase Theft, Attack Highly Complex and Weeks in Preparation

AirdropBlackHole · 2026-04-02T11:24:45+00:00

A complex attack on Drift Protocol involved unauthorized access via durable nonce accounts, resulting in $280 million lost. Investigations suggest no vulnerabilities in the protocol itself, leading to a freeze on functions and an update to the security measures.

AirdropBlackHole

2026-04-02 11:24:45

Abstract generation in progress

On April 2, Drift Protocol tweeted that a malicious actor gained unauthorized access through a new type of attack involving durable nonce, quickly taking over the management of Drift’s security committee. This attack was highly complex and took weeks to prepare, including the use of durable nonce accounts to pre-sign transactions for delayed execution. Current investigations indicate that the incident was not due to vulnerabilities in the Drift program or smart contracts; there is no evidence of seed phrase theft; the attacker gained access through unauthorized or forged transaction approvals (possibly involving social engineering). The end result led to approximately $280 million in funds being withdrawn from the protocol. All lending, vault deposits, and trading funds were affected. DSOL (assets not deposited in Drift, including those staked to Drift validators) and insurance fund assets were not affected, with the latter being withdrawn for protection. As a precaution, all remaining protocol functions have been frozen, and the multi-signature has been updated to remove the compromised wallet.

DRIFT-30,94%

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.