PANews丨APP全面升级|4月 02, 2026 03:06
SlowMist: Drift's multisig mechanism was modified a week before the hack, followed by an admin key leak
SlowMist published a breakdown of the Drift attack chain:
One week before the incident, Drift adjusted its multisig mechanism to '2/5' (1 old signer + 4 new signers) without implementing a Timelock, leaving a vulnerability exposed.
The attacker then gained admin privileges and executed the following steps: forged CVT tokens → manipulated the oracle → disabled security mechanisms → transferred high-value assets from the liquidity pool. The entire attack chain was executed seamlessly.
SlowMist pointed out that the lack of Timelock protection after the multisig modification was a critical factor that allowed the attack to progress so quickly.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink