Drift Protocol Hack 2026 — $290M Exploit Analysis

Attackers spent ~6 months socially engineering governance signers on the Solana perps DEX, then compromised privileged access and manipulated collateral pricing to drain ~$290M.

Details

Full Description

Drift Protocol, a Solana-based perpetuals DEX, was compromised after attackers spent approximately six months socially engineering governance signers. Once privileged access was obtained, the attackers manipulated collateral pricing to drain an estimated $286-295M. The attack was attributed to North Korea's Lazarus Group. The project later rebranded to Velocity. Approximately $3.36M was frozen, with the majority unrecovered.

Laundering Analysis

Funds moved across Solana DEX aggregators and bridged to other chains. Minimal freezing occurred; ~$3.36M frozen. Lazarus Group attribution based on prolonged social-engineering pattern.

Sources

Transaction Hashes

Related Hacks

Back to Browse