In a major setback for the decentralized finance sector, Drift has reported losses exceeding $280 million (₹2,350 crore) following a recent cyberattack. The platform confirmed it was facing an active breach and temporarily paused deposits and withdrawals to contain the situation. “This is not an April Fool’s joke,” the team said.
The attack was linked to unauthorized access, where the exploiter gained control of the protocol’s Security Council administrative powers through what Drift described as a “novel attack.” Initial estimates of $200 million were later revised after CertiK reported losses exceeding $280 million, involving multiple tokens including stablecoins and tokenized bitcoin. CertiK called it the largest security breach recorded in 2026, a claim later confirmed by Drift.
Investigations revealed that more than $270 million worth of crypto assets were converted into USD Coin, with indications that funds could be further moved into ethereum, according to Lookonchain. Analysts noted that the attacker secured 2 out of 5 required signatures needed to approve a multisignature transaction.
Drift explained that the breach involved pre-signed durable nonce transactions along with compromised approvals from multiple signers. The attack was likely enabled through targeted social engineering or misrepresentation of transaction details. Further analysis suggested that the attacker modified the multisignature setup, gaining administrative control by shifting to a new configuration with fewer approval requirements.
Security experts pointed out that Drift had recently introduced a new multisignature system, but not all previous signers were included. The wallet operated on a 2-out-of-5 approval threshold without any delay mechanism, allowing immediate execution of transactions.
Additional findings showed that the attacker’s initial funding activity began around 12 hours before a Drift-related event on March 25, raising concerns over possible operational security gaps.
Data from PeckShield revealed that March recorded 20 major crypto incidents with losses of $52 million, far lower than this single breach. The scale and method of the attack have intensified scrutiny around security practices in DeFi platforms.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
