Drift Protocol Hack: What Really Happened

On April 1, 2026, Solana's Largest Perps DEX Drift Protocol was exploited for $285M, the biggest DeFi hack of 2026.

This wasn't a smart contract bug. It was a 6-month social engineering operation linked to North Korean state hackers.

How It Happened:
→ Attackers posed as a quant trading firm since Fall 2025
→ Met Drift team face-to-face at multiple conferences
→ Deposited $1M+ of their own capital to build trust
→ Compromised contributor devices through malicious code repos and a fake wallet app
→ Used Solana's "durable nonces" to pre-sign admin transfers weeks in advance
→ Drained $285M in just 12 minutes
→ Scrubbed all evidence instantly after the attack

Key Impact:
→ DRIFT token dropped 47%+
→ TVL collapsed from $550M to under $250M
→ 12+ Solana protocols affected
→ Circle facing backlash for not freezing $232M USDC fast enough
→ Mandiant engaged for investigation

Biggest Lesson:
Audits alone are NOT enough. DeFi's weakest link is now the human layer. Every team must enforce timelocks, audit access controls and treat every multisig device as a potential target.

Stay cautious. Stay informed.