Massive Crypto Heist Targets Drift Protocol, Losses Estimated at Over $285 Million
On Wednesday, decentralized finance (DeFi) platform Drift Protocol confirmed it was under an active cyberattack, leading to the suspension of deposits and withdrawals. The company issued multiple alerts, acknowledging "unusual activity" and urging users to refrain from depositing funds while coordinating with security firms, blockchain bridges, and exchanges to contain the breach.
Blockchain security experts estimate the theft could exceed $285 million, with some firms reporting at least $130 million in stolen cryptocurrency. The attacker has been observed rapidly converting the stolen funds into other digital assets, complicating recovery efforts. The exact method of the exploit remains under investigation, with crypto analysts debating how the breach occurred.
Launched in 2021, Drift operates on the Solana blockchain, offering services like borrowing, lending, and trading. Despite undergoing multiple code audits in 2023 and 2024, the platform fell victim to what appears to be the largest crypto theft of 2024 surpassing earlier incidents involving $26 million and $40 million in losses. Last year, blockchain security firm Chainalysis tracked $3.4 billion in crypto thefts, including a $1.5 billion heist from Dubai-based Bybit.
Drift has not yet disclosed the total amount stolen or provided further details on the attack. The incident underscores ongoing vulnerabilities in DeFi platforms, even those with recent security audits.
Source: https://therecord.media/drift-crypto-heist-solana-hacker
Drift Labs cybersecurity rating report: https://www.rankiteo.com/company/driftprotocol
"id": "DRI1775082350",
"linkid": "driftprotocol",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Cryptocurrency/Blockchain',
'name': 'Drift Protocol',
'type': 'DeFi Platform'}],
'customer_advisories': 'Users alerted about unusual activity and suspension '
'of services',
'data_breach': {'data_exfiltration': 'Yes (funds converted to other digital '
'assets)',
'sensitivity_of_data': 'High (financial assets)',
'type_of_data_compromised': 'Cryptocurrency funds'},
'date_detected': '2024-07-10',
'date_publicly_disclosed': '2024-07-10',
'description': 'Drift Protocol, a decentralized finance (DeFi) platform, '
'confirmed an active cyberattack leading to the suspension of '
'deposits and withdrawals. Blockchain security experts '
'estimate the theft could exceed $285 million, with the '
'attacker converting stolen funds into other digital assets. '
'The exact method of the exploit remains under investigation.',
'impact': {'brand_reputation_impact': 'Significant (largest crypto theft of '
'2024)',
'financial_loss': '$285 million (estimated)',
'operational_impact': 'Suspension of deposits and withdrawals',
'systems_affected': 'Drift Protocol platform (deposits and '
'withdrawals suspended)'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Ongoing vulnerabilities in DeFi platforms despite recent '
'security audits',
'motivation': 'Financial gain',
'references': [{'source': 'Blockchain security experts'}],
'response': {'communication_strategy': 'User alerts and advisories',
'containment_measures': 'Suspension of deposits and withdrawals',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Security firms, blockchain bridges, '
'exchanges'},
'stakeholder_advisories': 'Users advised to refrain from depositing funds',
'title': 'Massive Crypto Heist Targets Drift Protocol',
'type': 'Crypto Heist'}