How Solana's Largest Perp DEX Was Exploited for $285 Million
- The Drift exploit was a masterclass in methodical planning - The attacker spent over three weeks preparing the hack, timing the execution for April Fool's Day to create confusion while draining over half of the protocol's total value locked.
  “This one was very technical, well thought out. And from what we know today, spent at least three weeks.”
- Multi-sig security without time locks is a critical vulnerability - Drift migrated to a 2-of-5 multi-sig shortly before the attack, but the lack of an execution delay allowed the hacker to seize control immediately after compromising developer machines via a supply chain attack.
  “Notably, it had zero time lock on any of the functions it could execute.”
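To make the missing control concrete, here is an added example (not Drift's code) of a 2-of-5 multisig whose privileged actions, such as listing a new collateral asset, cannot execute until a delay has elapsed after the threshold is reached; the signer ids, the proposal type and the timestamps are hypothetical.

```rust
// Added example, not the protocol's own program: a threshold multisig with an
// execution delay. With delay_secs = 0 this reproduces the weak configuration
// described above, where reaching the threshold executes immediately.
use std::collections::HashSet;

#[derive(Debug, PartialEq)]
pub enum ExecError {
    NotSigner,
    NotApproved,
    TimelockActive { ready_at: u64 },
    AlreadyExecuted,
}

pub struct TimelockedMultisig {
    pub signers: [u8; 5],   // hypothetical signer ids (5 key holders)
    pub threshold: usize,   // 2-of-5
    pub delay_secs: u64,    // execution delay once the threshold is met
}

pub struct Proposal {
    pub action: String,
    approvals: HashSet<u8>,
    queued_at: Option<u64>, // set when the threshold is first reached
    executed: bool,
}

impl Proposal {
    pub fn new(action: &str) -> Self {
        Proposal { action: action.to_string(), approvals: HashSet::new(), queued_at: None, executed: false }
    }
}

impl TimelockedMultisig {
    // Record one signer's approval; duplicate approvals do not count twice.
    pub fn approve(&self, p: &mut Proposal, signer: u8, now: u64) -> Result<(), ExecError> {
        if !self.signers.contains(&signer) { return Err(ExecError::NotSigner); }
        p.approvals.insert(signer);
        if p.approvals.len() >= self.threshold && p.queued_at.is_none() {
            p.queued_at = Some(now); // start the timelock clock
        }
        Ok(())
    }
    // Execute only if approved and the delay has fully elapsed.
    pub fn execute(&self, p: &mut Proposal, now: u64) -> Result<(), ExecError> {
        if p.executed { return Err(ExecError::AlreadyExecuted); }
        let queued = p.queued_at.ok_or(ExecError::NotApproved)?;
        let ready_at = queued + self.delay_secs;
        if now < ready_at { return Err(ExecError::TimelockActive { ready_at }); }
        p.executed = true;
        Ok(())
    }
}
```

The delay is what turns two compromised keys into a visible, pending proposal that the remaining signers or monitoring can cancel, rather than an instant takeover.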
- Oracle manipulation remains a potent DeFi death blow - The hacker created a fake token (CVT), whitelisted it as collateral using compromised admin keys, and manipulated its price via a custom oracle to borrow and drain the protocol's blue-chip assets.
  “This enabled the user or the exploiter to add CVT as a new collateral asset on the Drift Protocol. So depositing it as collateral, they then continued to pump the price of that pool, because they also, as they could figure the market, could decide which oracle was being used.”
