GoKawiilThe Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation.
The attacker leveraged durable nonce accounts and pre-signed transactions to delay execution and strike with accuracy at a chosen time, the platform explained.
Drift underlines that the hacker did not exploit any flaws in its programs or smart contracts, and no seed phrases have been compromised.
Drift Protocol is a DeFi trading platform built on the Solana blockchain that serves as a non-custodial exchange, giving users full control of their funds as they interact with on-chain markets.
As of late 2024, the platform claimed to have 200,000 traders, supporting total trading volumes of more than $55 billion and a daily peak of $13 million.
According to Drift's report, the heist was prepared between March 23 and 30, with the attacker setting up durable nonce accounts and obtaining 2/5 multisig approvals from Security Council members to meet the required threshold.
This enabled them to pre-sign malicious transactions that weren’t executed immediately.
On April 1st, the attacker performed a legitimate transaction and immediately executed the pre-signed malicious transactions, transferring admin control to themselves within minutes.
Having gained admin control, they introduced a malicious asset, removed withdrawal limits, and eventually drained funds.
Source: PeckShield
... continue reading