Drift Protocol, a decentralized exchange, detected unusual trading activity on Wednesday and warned users not to deposit funds while it investigates. The team’s initial notice gave no details about the cause or scope of the incident; a later update said both deposits and withdrawals have been suspended.
Blockchain security researcher Vladimir S suggested the breach likely originated from a leaked private key for a crypto wallet, saying an admin signer may have been compromised or intentionally used to make changes. He estimated potential losses could reach as much as $200 million.
Reportedly stolen assets include wrapped Bitcoin (WBTC), Jito (JTO), the Fartcoin (FRT) memecoin, various altcoins and multiple stablecoins denominated in dollars, euros and yen. According to Solana treasury firm DeFi Development Corp, the withdrawn funds were moved to several addresses, where the exploiter began converting assets to USDC, bridging them to Ethereum and buying Ether.
Cointelegraph reached out to Drift for comment but had not received an immediate response.
Crypto hacks remain a persistent risk for the industry. February saw roughly $49 million in losses from cybersecurity incidents, a decline from January but still a sign of ongoing vulnerability. The Drift token (DRIFT) reacted quickly to the reports: CoinMarketCap data shows it briefly traded at $0.068 before falling about 18%.
Security firm Immunefi notes that recovery for native tokens is rare after breaches; roughly 83% of tokens tied to hacked platforms never return to pre-hack prices. Immunefi CEO Mitchell Amador warned that stolen funds are only the first layer of damage. He said longer-term consequences often include prolonged token price suppression, reduced treasury resources, leadership disruptions, lost development time and erosion of user trust.
Readers are advised to follow official updates from Drift and to independently verify information as the investigation continues.