- Trending
- Comments
- Latest
A sophisticated attack on Drift Protocol drained $285 million in 12 minutes on April 1, 2026, exposing a critical vulnerability in how decentralized finance platforms secure admin credentials and trust external price feeds.
The attacker exploited a manipulated oracle and a compromised admin key to execute the breach, then methodically converted stolen assets to USDC and bridged them across Solana and Ethereum while Circle, the stablecoin issuer declined to intervene.
The Drift Protocol exploit didn’t stop at a single protocol. More than ten Solana-based platforms reported disruptions as liquidity shockwaves rippled through the network.
In a calculated move, the attacker converted the majority of stolen assets into USDC before leveraging Circle’s Cross-Chain Transfer Protocol (CCTP).
Over six hours, approximately $232 million was bridged from Solana to Ethereum across more than 100 transactions.
The methodical execution of the Drift-Protocol exploit raised alarms among analysts, suggesting a highly sophisticated actor with deep knowledge of cross-chain infrastructure.
Prominent blockchain investigator ZachXBT did not hold back in criticizing Circle’s response to the Drift-Protocol exploit.
“Circle was asleep while many millions of USDC were swapped via CCTP from Solana to Ethereum for hours,” ZachXBT wrote on X, highlighting what he described as a critical failure to act during the unfolding exploit.
His remarks intensified scrutiny around the Drift-Protocol exploit, especially given Circle’s recent history of freezing wallets under legal directives.
Just days earlier, Circle had frozen USDC across multiple business wallets, including one linked to the DFINITY Foundation.
ZachXBT called that prior action “potentially the single most incompetent” he had seen in years—drawing a stark contrast to the inaction during the Drift Protocol exploit.
Facing mounting backlash, Circle defended its position, emphasizing regulatory compliance.
“Circle is a regulated company that complies with sanctions, law enforcement orders, and court-mandated requirements,” the firm stated. “We freeze assets when legally required, consistent with the rule of law.”
Legal experts suggest the situation surrounding the Drift Protocol exploit is far from straightforward.
Salman Baneiwarned that freezing assets without explicit authorization could expose Circle to legal liability.
Meanwhile, Ben Levit described the Drift Protocol exploit as a “gray area,” noting that the incident stemmed from an oracle manipulation rather than a traditional hack.
Blockchain intelligence firm Elliptic identified multiple indicators suggesting that North Korean-linked hackers may be behind the Drift Protocol exploit.
If confirmed, this would align the exploit with a growing pattern of state-sponsored cyberattacks targeting DeFi protocols.
The attacker’s decision to avoid USDT and rely heavily on USDC has fueled speculation that they anticipated Circle would not intervene during the Drift-Protocol exploit.
The Drift Protocol exploit has reignited a critical debate: when should centralized stablecoin issuers intervene?
Critics argue that Circle’s selective enforcement undermines trust, while defenders insist that legal constraints limit proactive action.
The controversy surrounding the Drift Protocol exploit highlights the tension between decentralization ideals and centralized control mechanisms.
As crypto losses had slowed in recent months, the Drift Protocol exploit marks a dramatic reversal—one that could shape future regulatory frameworks governing stablecoins, particularly around freeze authority and accountability.
The Drift Protocol exploit is more than just another hack—it’s a defining moment for DeFi and stablecoin governance.
With $285 million lost, reputations questioned, and regulatory pressure mounting, the industry now faces a hard truth: transparency and accountability can no longer be optional—they are survival requirements.
Copyright © 2025 - The Bit Gazette.
