金色财经
金色财经|Apr 02, 2026 05:25
[Drift Protocol: No Evidence of Seed Phrase Theft, Highly Sophisticated Attack Took Weeks of Preparation] According to a report by Jinse Finance, on April 2, Drift Protocol tweeted that a malicious actor gained unauthorized access through a novel attack involving durable nonce, swiftly taking over the governance authority of Drift's Security Council. The attack was highly sophisticated and took weeks of preparation, including the use of pre-signed transactions with durable nonce accounts to delay execution. Current investigations indicate that the incident was not caused by vulnerabilities in Drift's program or smart contracts; there is no evidence of seed phrase theft. The attacker gained access through unauthorized or forged transaction approvals (potentially involving social engineering). The attack ultimately resulted in the extraction of approximately $280 million from the protocol. All lending, treasury deposits, and trading funds were affected. DSOL (assets not deposited into Drift, including those staked with Drift validators) and insurance fund assets remain unaffected, with the latter being withdrawn for protection. As a precautionary measure, all remaining protocol functions have been frozen, and the multisig has been updated to remove compromised wallets.
Share To

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads