- Drift Protocol exploit: Solana-based perpetuals DEX lost between $200 million and $285 million in a suspected attack on April 1, 2026.
- Platform response: Team confirmed “active attack,” suspended deposits and withdrawals, and urged users to proceed with caution.
- On-chain impact: Approximately 980,000 SOL and other assets drained; funds swapped to stablecoins with some bridged via Circle’s CCTP.
- Token reaction: Native DRIFT token crashed more than 40% amid the incident.
- Context: Described as the largest DeFi hack of 2026 so far; investigation ongoing with security firms.
Solana-based decentralized perpetuals exchange Drift Protocol has become the target of the year’s largest DeFi exploit, with on-chain analysts estimating losses between $200 million and $285 million.
The platform confirmed an “active attack” on April 1, 2026, in a post on X, stating it was investigating unusual activity and instructing users not to deposit funds while the review continued. “This is not an April Fools joke,” the team emphasized. Deposits and withdrawals were immediately paused.
On-chain data shared by analysts at Lookonchain and Peckshield showed roughly 980,000 SOL and additional assets transferred from Drift vaults to a suspicious address. Stolen funds were rapidly swapped into stablecoins, with portions bridged to Ethereum using Circle’s CCTP protocol, according to blockchain security reports.
The exploit was described as affecting at least $200 million, while estimates reaching $285 million—more than half of the protocol’s total value locked at the time. CoinDesk noted that the platform urged users to halt deposits pending further updates.
The incident marks a significant setback for Solana DeFi, which has seen rapid growth in perpetuals trading volume. Industry observers highlighted ongoing risks around smart-contract security, oracle manipulation, and admin-key vulnerabilities, even as protocols implement advanced safeguards.
Drift’s native token DRIFT fell sharply, dropping more than 40% in the hours following the disclosure. The team said it is coordinating with security firms and will provide further updates. No user funds outside the protocol’s vaults appear to have been directly affected, though the breach underscores persistent challenges in DeFi security.
Disclaimer: This article is for informational purposes only and does not constitute advice of any kind. Readers should conduct their own research before making any decisions.
© Cryptopress. For informational purposes only, not offered as advice of any kind.
