Drift Protocol lost at least $280 million after an attacker seized administrative control of its Security Council by leveraging durable nonce accounts and pre-signed transactions to time a precise takeover. Drift says no smart contract flaws or seed phrase compromises occurred. The protocol is effectively frozen while partners and authorities work to trace and recover funds.
Key points
- An attacker stole at least $280–285 million by taking admin control of Drift Protocol's Security Council.
- The intruder used durable nonce accounts and pre-signed transactions to delay execution and strike at a chosen time.
- The attacker acquired 2/5 multisig approvals from Security Council members to enable execution of malicious pre-signed transactions.
- After gaining admin control, the attacker added a malicious asset, removed withdrawal limits, and drained funds, effectively freezing protocol operations.
- Drift reports no program or smart contract exploits and says DSOL and insurance funds are secure while it works with PeckShield, exchanges, and law enforcement on recovery and a post-mortem.
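
A signer-side check for the mechanism in the key points, as an added example that is not from Drift or the original article: it flags a pending transaction whose first instruction is the System Program's AdvanceNonceAccount, because such a transaction stays valid until the nonce account is advanced rather than expiring with a recent blockhash. The decoded message layout, the function names and the sample keys are assumptions constructed for illustration.

```python
import struct

SYSTEM_PROGRAM_ID = "11111111111111111111111111111111"
ADVANCE_NONCE_ACCOUNT = 4  # SystemInstruction enum index, encoded as u32 little-endian


def durable_nonce_info(message):
    """Return nonce details if the decoded message uses a durable nonce, else None.

    Assumed layout: {"account_keys": [str], "instructions":
    [{"program_id_index": int, "accounts": [int], "data": bytes}]}.
    """
    instructions = message.get("instructions") or []
    if not instructions:
        return None
    first = instructions[0]  # the nonce advance only counts in first position
    keys = message["account_keys"]
    if keys[first["program_id_index"]] != SYSTEM_PROGRAM_ID:
        return None
    data = first["data"]
    if len(data) < 4 or struct.unpack_from("<I", data)[0] != ADVANCE_NONCE_ACCOUNT:
        return None
    accounts = first["accounts"]
    if len(accounts) < 3:  # nonce account, recent-blockhashes sysvar, nonce authority
        return None
    return {"nonce_account": keys[accounts[0]], "nonce_authority": keys[accounts[2]]}


def review_pending(proposals, trusted_authorities=frozenset()):
    """Flag signing requests that would not expire once signed."""
    findings = []
    for name, message in proposals:
        info = durable_nonce_info(message)
        if info is None:
            continue
        trusted = info["nonce_authority"] in trusted_authorities
        findings.append((name, info["nonce_account"], "review" if trusted else "reject"))
    return findings


# Constructed sample data: placeholder names stand in for real base58 addresses.
KEYS = ["SignerA", "NonceAcct1", "RecentBlockhashesSysvar", SYSTEM_PROGRAM_ID, "AdminProgram"]
ADMIN_IX = {"program_id_index": 4, "accounts": [0], "data": b"\x01"}
NONCE_IX = {"program_id_index": 3, "accounts": [1, 2, 0], "data": struct.pack("<I", 4)}
DURABLE = {"account_keys": KEYS, "instructions": [NONCE_IX, ADMIN_IX]}
ORDINARY = {"account_keys": KEYS, "instructions": [ADMIN_IX]}
```
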