Solana Drift Protocol drained of $285M via fake token and governance hijack
3 hours ago
- #Governance Exploit
- #Solana Security
- #DeFi Hack
- Attackers stole $285 million from Drift Protocol, Solana's largest perpetual futures exchange, on April 1, 2026.
- The exploit targeted governance via durable nonces and social engineering, not smart contract vulnerabilities.
- North Korean hackers likely conducted the attack, using a fake token (CarbonVote Token) with artificially inflated prices as collateral.
- Funds were laundered through bridges to Ethereum, with about 129,066 ETH accumulated, and criticism aimed at Circle for not freezing stolen USDC.
- Drift's total value locked dropped from $550 million to $252 million, affecting nearly 20 other DeFi protocols.
- This is the largest DeFi hack of 2026 and the second-largest in Solana's history.
- Audits by Trail of Bits and ClawSecure missed governance weaknesses, highlighting a gap in DeFi security reviews.