Litecoin

DeFi Loan Agreement Drift stole over $200 million in 10 seconds, over 15 projects were affected

2026/04/02 13:33
👤chaincatcher
🌐en
DeFi Loan Agreement Drift stole over $200 million in 10 seconds, over 15 projects were affected

Author: ChainCatcher

 

At about 1 a.m. this morning, another massive theft occurred in the DeFi field, and the Solana Loan Agreement Drift was hacked and over $220 million of user assets were stolen by hackers in 10 seconds。

After the incident, Drift coins fell by over 40 per cent in a short time, and the current FDV is about $44 million. As a result of the many ecological assets involved in Solana, the solana fields, such as SOL and JUP, have seen an abnormal decline of varying degrees。

Drift, previously one of the largest eco-lending agreements in Solana, showed that the cumulative financing of the agreement was in excess of $52 million from investors such as Multicoin Capital, Polychain, Robot Ventures, Blackchain Capital, Ethereal Ventures, and Jump Capital VC。

According to a public analysis, the theft of this Drift was closely linked to the disclosure of a multi-money address, together with the imposition of common methods of attack, such as an attack on governance and an attack on a prognosis machine, in which the attackers, using a single signature key, completed all operations in a single transaction: creating a false market, manipulating a prognosis machine and lifting the withdrawal restrictions。

The frequency of attacks, coupled with the project ' s weak preventive measures, has once again revealed the fragility of the DeFi area. According to the tweets of Chaos Labs founder Omer Goldberg and the relevant interpretation, the following is a detailed analysis of the theft process:

The initial omen of the event occurred a week ago, a week ago, Drift moved the administration of the agreement from the old multiple-signing wallet to the new multiple-signing wallet, created by one of the signatories of the old multiple-signing, who did not add himself to the new multiple-signing wallet。

The attackers seized this loophole and first initiated a proposal in the old multiple signatures to transfer Drift ' s administrator ' s authority to a new wallet (controlled by the attackers)。

Five new signatories have been created, only one of them from the old and the remaining four are completely new. The rule is extremely liberal: only 2/5 people agree (i.e. just two signatures is sufficient) and a 0-second lock (the proposal is implemented immediately without any waiting period)。

In the early morning hours, the only remaining old signatory made a proposal with new signatures: "Replace Drift's administrator's authority with a wallet under the real control of the assailant."

A few seconds later, the other new signatory immediately follows and easily reaches the 2⁄5 threshold. Since there was no time lock, the proposal was executed instantaneously and the attackers obtained full administrator authority。

The attackers then immediately used their authority to create the CVT spot market in the Drift agreement, which had a total supply of about 750 million currency and the attackers held 600 million. Then the attackers used their own Sitchboard OnDemand predictor machine and equipped Drift to read it。

After the operation was completed, the assailants raised the price of the virtually worthless CVT coin by 20 transactions, making the 600 million CVT that they had deposited look worth hundreds of millions of dollars. As a result, the attackers borrowed approximately $22-280 million worth of assets, including 41.72 million JLP (Jupiter LP token, valued at approximately $155 million), 51.6 million USDC, 164 cbBT (valued at approximately $11.29 million), etc。

DeFi built-up structures were once considered to be the greatest advantage in this field, and today this advantage also conveys risk to other DeFi agreements that integrate the Drifi lending market in the Solana area as domino。

JLP is the core LP asset of JIPIPTER Perps, and this theft will significantly reduce the liquidity of Jupiter’s contract market for renewal, as well as the ripple effects of a panic and a drop in JP tokens。

In addition, more than 15 DeFi communications, such as Perena, Project 0, Exponent, Carrot, Langer, Piggy Bank, Reflect, Project 0, Elemental, Neutral Trade, Pyra, Fuse, Neutral Trade, XPlace, and others, confirmed that Drift had been affected by the theft and that some of their current functions had been suspended。

However, among all security incidents, users continue to be the most affected, and persistent hacking has repeatedly shaken users ' confidence in DeFi。

“TODAY NOTHING ELSE IS DONE, AND ALL OLD PROJECTS IN THE CHAIN ARE FULLY FUNDED, AND NEW PROJECTS WILL NOT BE RELEASED UNLESS THEY ARE SPECIFICALLY KNOWN, AND WILL NOT TEST HUMANITY.” AFTER THE LOSS OF OVER $600,000 IN THE INCIDENT, THE FAMOUS KOL TUANG BROTHER SENT THE POST。

Artikel Terkait

KOIN API UNTUK MELUNCURKAN PERMINTAAN VIP USDT HINGGA 9% PEMBATALAN, LIT, SUBSIDI GANDA TRUMP UNTUK "MEROKOK". MUSIM

Tidak ada konten berita

2026/04/02 13:52chaincatcher

Trump berbicara untuk meledakkan pasar: dua atau tiga minggu ke depan akan menjadi hit di Iran

Trump tidak menyebutkan gencatan senjata, dan pasar bereaksi keras。

2026/04/02 13:46BLOCKBEATS

Dari tebak kata ke "Aturan Sementara": Charade 10 tahun enkripsi

Nilai harus datang dari program operasi sistem yang berfungsi dengan baik, bukan dari komitmen seseorang. 。

2026/04/02 13:39ODAILY

DeFi Loan Perjanjian Drift mencuri lebih dari $200 juta dalam 10 detik, lebih dari 15 proyek terpengaruh

Tidak ada konten berita

2026/04/02 13:34chaincatcher
QQlink

Tidak ada "backdoor" kripto, tidak ada kompromi. Platform sosial dan keuangan terdesentralisasi berdasarkan teknologi blockchain, mengembalikan privasi dan kebebasan kepada pengguna.

Tautan Teman

© 2024 Tim R&D QQlink. Hak Cipta Dilindungi Undang-Undang.