Drift Protocol: No Evidence of Mnemonic Theft, Highly Sophisticated Attack, Weeks-Long Preparation

BlockBeats News, April 2nd, Drift Protocol tweeted that a bad actor executed a novel attack involving a durable nonce to gain unauthorized access, swiftly taking over control of the Drift Security Council. The attack was highly sophisticated, prepared over several weeks, including the use of durable nonce account pre-signed transactions to delay execution.

The current investigation indicates that the incident was not due to a Drift Protocol or smart contract vulnerability; there is no evidence of mnemonic phrase theft; the attacker gained permission through unauthorized or forged transaction approvals (potentially involving social engineering). The end result led to approximately $280 million in protocol funds being drained. All borrowing, vault deposits, and trading funds are affected. DSOL (funds not deposited in Drift, including assets staked to Drift validators) and the insurance fund assets are unaffected, with the latter being tapped for protection. As a precautionary measure, all remaining protocol functionalities have been frozen, and the multisig has been updated to remove compromised wallets.