Drift Protocol Exploit Spreads to 20 Solana Projects
Drift Protocol, a Solana-based perpetuals decentralized exchange, confirmed a $285 million exploit on April 1, 2026, sending an on-chain message to the attacker's Ethereum wallet to establish direct communication. Drift Protocol paused deposits and withdrawals, initiating an investigation.
Initial reports estimated losses over $270 million, later refined to $285 million. The breach was attributed to compromised admin access, with attackers leveraging "durable nonces," a legitimate Solana feature, to pre-sign $286 million in fraudulent transfers weeks in advance. This method involved obtaining two signatures from council members for execution. Approximately $230 million of the stolen funds were subsequently moved cross-chain. Tether paused its Solana mesh within 90 minutes of the exploit, though Circle's CCTP remained active, allowing the attacker an irreversible exit window for cross-chain fund movement.
The attacker moved stolen assets, converting a portion to 130,262 $ETH ($267.67M) and $2.46M in $USDC.
The exploit has broadened its impact across the Solana ecosystem, affecting 20 projects, up from an initial 11. Drift Protocol, one of Solana's largest DeFi platforms, held $550 million in user funds prior to the incident.
Among the newly confirmed affected protocols, Prime Numbers Fi has reported losses exceeding $10 million. Carrot has informed its $CRT holders that they face an estimated 50% loss if no funds are recovered. Other affected protocols include PiggyBank, Perena, Vectis, and Valeo. ONDO has frozen $477,000 in funds identified as originating from the Drift hack.
The $DRIFT token plunged 40% in the past 24 hours and is down 44.7% over the last seven days, trading around $0.040791.
Solana Protocols Face $2.6B Exposure from Multi-Sig Flaw
Seven Solana DeFi projects face immediate exploit risk from weak multi-signature controls, exposing approximately $2.6 billion in funds. This vulnerability, where insufficient time locks on two signers allowed a single key to control substantial assets.
Rectification efforts for the newly identified vulnerability are reportedly underway, with a resolution anticipated within 24 hours. The $SOL token's price experienced a 6.1% decrease over the past seven days.
Solana's $Lmao! Project Drained Over $200M via Admin Key
Separately, the Solana-based '$Lmao!' crypto project was drained of over $200 million due to a security breach involving a compromised administrative key. The attacker used a compromised admin key to mint 750 million fake $Lmao! tokens. They then seeded a Raydium liquidity pool with $500, artificially valuing each token at $1 to siphon legitimate value.
ResolvLabs Suffers $25M Breach, $RESOLV Tanks 90%
ResolvLabs, a DeFi project, suffered a $25 million security breach in Q1 2026. This exploit immediately led to a 90% plummet in the market value of its native $RESOLV tokens.
The incident specifically targeted and compromised the minting process of Resolv's stablecoin, USR. This vulnerability prompted a reevaluation of the stablecoin's security, leading to downgrades in its tier standing.
The exploit places ResolvLabs among 35 other security incidents reported across the crypto landscape during Q1 2026, which collectively accounted for approximately $461 million in total losses.