Ecosystem
Wallet
yellow banner logo
TRADING
PLATFORM LIVE
GET STARTED
yellow shooting starsbackground stars

How Attackers Turned $500 Into $285M: The Drift Hack Breakdown

profile-murtuza-merchant
Murtuza Merchant1 hour ago
#Solana#Drift Protocol
How Attackers Turned $500 Into $285M: The Drift Hack Breakdown

A sophisticated exploit targeting Drift Protocol appears to have drained an estimated $285 million after an attacker manipulated oracle pricing using a fabricated token, leveraged a compromised admin key and disabled core withdrawal safeguards.

Fake Collateral Built Weeks In Advance

According to on-chain analysis shared by independent researcher Ares, the exploit began weeks before the actual drain. The attacker minted 750 million units of a fake asset called “CarbonVote Token” (CVT) and created a liquidity pool on Raydium (RAY) with just $500 in liquidity, artificially setting its price near $1.

Over several weeks, the attacker reportedly wash traded the token to build a credible on-chain price history, allowing it to be picked up by oracle mechanisms as legitimate collateral value.

Admin Key Compromise And Safeguard Removal

On April 1, the attacker used a compromised Drift admin key to list CVT as a spot market. In the same transaction, withdrawal guard thresholds across multiple markets were raised to extreme levels, effectively disabling limits designed to prevent large outflows.

Also Read: Bitcoin Redistribution Phase Echoes Q2 2022 Bear Market - Glassnode Report

The attacker then deposited approximately 785 million CVT, valued at $785 million based on the manipulated oracle price, across multiple accounts.

Vaults Drained In Minutes

Using the inflated collateral, the attacker executed 31 withdrawal transactions in roughly 12 minutes, draining assets across multiple vaults.

These included $66.4 million in USDC, $42.7 million in JLP, $23.3 million in MOODENG (MOODENG) and smaller amounts of other tokens.

Funds were subsequently consolidated, partially burned through perpetual liquidity removal and converted into SOL before being distributed across multiple wallets.

The use of multiple signing keys suggests either a broader compromise of operational infrastructure or access to privileged credentials, raising further concerns about internal security controls.

Read Next: CLARITY Act Stablecoin Deal Could Come Within 48 Hours, Coinbase CLO Predicts

Disclaimer and Risk Warning: The information provided in this article is for educational and informational purposes only and is based on the author's opinion. It does not constitute financial, investment, legal, or tax advice. Cryptocurrency assets are highly volatile and subject to high risk, including the risk of losing all or a substantial amount of your investment. Trading or holding crypto assets may not be suitable for all investors. The views expressed in this article are solely those of the author(s) and do not represent the official policy or position of Yellow, its founders, or its executives. Always conduct your own thorough research (D.Y.O.R.) and consult a licensed financial professional before making any investment decision.
Related News
Solana-Based Drift Protocol Hit By $270m Exploit, Token Drops 11%
3 hours ago
Solana-based decentralized exchange Drift Protocol said Wednesday it was investigating a potential $270M exploit that triggered a sharp selloff in its
An Attacker Exploited A Double-Minting Bug In Solv Protocol 22 Times - The Haul: $2.7M In Bitcoin-Backed Tokens
Mar 09, 2026
A flaw in Solv Protocol's (SOLV) "BitcoinReserveOffering" smart contract allowed an attacker to inflate 135 BRO tokens into approximately 567 million,
Attacker Drains $4.2M From Makina DUSD Pool Using 280M USDC Flash Loan
Jan 20, 2026
Makina Finance, a decentralized finance protocol on Ethereum, lost approximately $4.2 million after an attacker exploited a vulnerable oracle mechanis
Resolv USR Crashes 72% After $25M Exploit
Mar 23, 2026
Resolv's USR stablecoin lost its dollar peg and crashed 72% to $0.27 after an attacker exploited a flaw in the protocol's minting contract to create r
Infinite-Mint Vulnerability Behind Yearn Finance's $2.8M yETH Exploit, Nansen Confirms
Dec 01, 2025
Yearn Finance confirmed an active exploit targeting its yETH product on Nov. 30, after an attacker minted an effectively unlimited supply of tokens an
Related Research Articles
Biggest Crypto Exploits Of 2025–2026: What Really Went Wrong
Mar 23, 2026
Crypto hacks in 2025 and early 2026 exceeded every prior annual record by dollar value, with losses reaching as high as $3.4 billion across a landscap
Why DEX Exploits Cost $3.1B in 2025: Analysis of 12 Major Hacks
Oct 27, 2025
Lately the cryptocurrency world witnessed another devastating lesson in the fragility of decentralized finance. BunniDEX, a promising decentralized
Off-Chain Vs. On-Chain Trading: What Is Shifting Crypto From CEXs To DEXs?
Mar 25, 2026
Decentralized exchanges captured more than 20% of global spot crypto trading volume by late 2025, roughly triple their share from four years earlier,
Binance Under Siege? Theory Behind $1B Crypto Meltdown Explained
Oct 13, 2025
Billions in losses. Three collapsing assets. An eight-day window of vulnerability. Inside the theory that last week's historic crypto meltdown wasn't
The Hidden Economics Of Memecoin Giveaway Farming
Mar 25, 2026
Somewhere in a reply thread underneath a cryptocurrency influencer's latest post, thousands of Solana (SOL) wallet addresses sit stacked like lottery
Related Learn Articles
Beginner's Guide to DeFi Lending: Step-by-Step Tutorial for Earning Passive Income with Crypto
Aug 11, 2025
The decentralized finance revolution has fundamentally transformed how individuals can earn interest on their cryptocurrency holdings. DeFi lending pl
What Are DAO Tools & How to Choose? 2025 Platform Guide for Governance & Treasury Management
Sep 04, 2025
The decentralized autonomous organization ecosystem has undergone a profound transformation, evolving from experimental concepts to institutional-grad
Top 10 Things To Know Before Trading On A DEX
Mar 30, 2026
Decentralized exchanges now process over $400 billion monthly and command more than 20% of all crypto spot volume. This structural shift has made und
Protect Your Crypto Exchange Account: Advanced Security Strategies Explained
May 19, 2025
Social engineering has become the leading threat in the cryptocurrency ecosystem, targeting human behavior instead of technical flaws to breach securi
What are Rug Pulls and How to Spot It: 7 Critical Red Flags
Apr 15, 2025
Сryptocurrency has revolutionized financial possibilities with its promise of decentralization, democratized access, and borderless transactions. Howe