The security incident involving Solana decentralized perpetual contract platform Drift Protocol continues to expand. According to SolanaFloor’s latest data, the affected protocols have increased to 20, with total losses reaching as much as $285 million, making it one of the most severe security incidents in the Solana ecosystem in recent years.
(Background recap: Drift Protocol has confirmed that the hack wasn’t some April Fools’ Day prank! Losses could be as high as $270 million, and the hackers are furiously laundering money to swap for ETH)
(Additional background: Elliptic report: The “$280 million Drift Protocol theft” suspect is believed to be North Korean hackers! Their cross-chain laundering methods are too professional)
Table of contents
Toggle
- The affected scope expands! 9 additional protocols are hit
- Disaster details revealed: Prime Numbers Fi suffers the biggest loss
- Drift pauses deposits and withdrawals; PiggyBank quickly compensates
Renowned decentralized finance (DeFi) perpetual contract platform Drift Protocol suffered a major security vulnerability attack on April 1. The impact of this storm is rapidly spreading. According to SolanaFloor’s latest data, as of the time of publication, the number of related protocols affected by the hacker attack has risen from 11 to 20, and total losses are estimated at as much as $285 million, making it one of the worst hacking incidents in the Solana ecosystem in recent years.
🚨New: @DriftProtocol exposure tracker updated with more Solana projects confirming impact from the $285M exploit. pic.twitter.com/DFhttYeadF
— SolanaFloor (@SolanaFloor) April 2, 2026
The affected scope expands! 9 additional protocols are hit
This hacker attack mainly targeted multiple Drift funds using issues such as vulnerabilities within a multisig mechanism. Because many projects in the Solana ecosystem rely on Drift’s liquidity or integrate its strategies (such as delta-neutral strategies), the attack triggered a domino effect shortly after it occurred. The latest nine protocols added to the disaster zone list include: PiggyBank, Perena, Vectis, Valeo, Amp Pay, Loopscale, Prime Numbers Fi, Gauntlet, and Exponent.
Disaster details revealed: Prime Numbers Fi suffers the biggest loss
In terms of specific loss amounts, the hacks affecting each impacted protocol have gradually come to light. The latest statistics show that the estimated worst losses are for Prime Numbers Fi, at more than $10 million; major institution Gauntlet lost about $6.4 million; Neutral Trade and Elemental DeFi each lost about $3.67 million and $2.9 million, respectively. In addition, projects such as Reflect Money, Vectis, Ranger Finance, and Pyra are also facing massive losses ranging from $0.551 million to $1.95 million.
Drift pauses deposits and withdrawals; PiggyBank quickly compensates
In the face of this sudden systemic risk, the Drift team has quickly paused deposit and withdrawal functions and is actively cooperating with a cybersecurity firm to track the hackers’ fund flows. Notably, some impacted protocols have also demonstrated crisis response capabilities—for example, after confirming a loss of $106,000, PiggyBank promptly deployed team funds to fully reimburse the affected users.
This incident not only put heavy selling pressure on Drift’s native token DRIFT, but also weighed on Solana’s overall short-term liquidity. This painful lesson totaling $285 million once again highlights the potential risks in DeFi ecosystems involving multisig management, permission controls, and cross-protocol integration. Whether the funds can be successfully recovered afterward, and what compensation plans will be offered by other impacted protocols, are still being closely watched by the market.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Kelp DAO Hack Attributed to Lazarus Group; eth.limo Domain Hijacked via Social Engineering
LayerZero reported that the Kelp DAO exploit, attributed to North Korea's Lazarus Group, led to a loss of $292 million in rsETH tokens due to vulnerabilities in its decentralized verifier network. Additionally, eth.limo faced a domain hijacking from a social engineering attack, but DNSSEC mitigated severe damage.
GateNews1h ago
DeFi Hack Triggers $9 Billion in Outflows from Aave as Stolen Tokens Used as Collateral
A recent hack draining nearly $300 million from a crypto project led to a liquidity crisis on Aave, causing users to withdraw around $9 billion. Concerns over collateral quality prompted mass withdrawals, highlighting risks in DeFi lending.
GateNews1h ago
Ethereum Phishing Attack Drains $585K From Four Users, Single Victim Loses $221K WBTC
A coordinated Ethereum phishing attack drained $585,000 from four victims, exploiting user permissions through a deceptive link. This incident highlights the rapid loss of funds via social engineering, even under the guise of legitimacy.
GateNews3h ago
Pay attention to the signed content! Vercel is hit with ransomware demanding $2 million, and crypto protocol frontend security raises a red flag
The cloud development platform Vercel was breached by hackers on April 19. The attackers gained access through a third-party AI tool used by employees and threatened to extort $2 million. Although sensitive data was not accessed, other data may have been used. The incident has raised security concerns in the crypto community, and Vercel is currently investigating while advising users to rotate their keys.
ChainNewsAbmedia4h ago
KelpDAO Loses $290M in Lazarus Group LayerZero Attack
KelpDAO faced a $290 million loss due to a sophisticated security breach linked to the Lazarus Group. The attack exploited configuration weaknesses in their verification system and highlighted the risks of relying on a single-point verification setup. Industry experts emphasize the need for improved security configurations and multi-layer verification to prevent future incidents.
CryptoFrontier5h ago
LayerZero responds to Kelp DAO’s 292 million incident: it indicates that Kelp set up a custom 1-of-1 DVN configuration, and the attacker was North Korea’s Lazarus.
LayerZero issued a statement regarding the $292 million hack suffered by Kelp DAO, accusing Kelp’s self-selected 1-of-1 DVN configuration of making the incident possible. The attacker was the North Korean Lazarus Group. LayerZero emphasized that this incident stems from configuration choices and that it will no longer support this kind of vulnerable setup. In addition, responsibility is still disputed, and no compensation plan has been provided.
ChainNewsAbmedia5h ago
