Drift, a major Solana-based DeFi platform, has frozen deposits and withdrawals after an April 1 attack drained more than $200 million, with some estimates putting the loss as high as $285 million. The attacker moved more than 15 types of tokens off the platform, including USDC and the Solana liquidity token JLP, and much of the stolen crypto was bridged to Ethereum within hours.
What has been confirmed is that the attacker gained control through social engineering and exploited multisig approvals, bypassing withdrawal limits. The technical cause is still being sorted, with speculation around a private-key leak and unconfirmed reports that Circle’s cross-chain protocol may have helped move USDC, but the script does not settle on a single explanation.
The immediate effect is that Drift’s core activity is suspended while investigators work to establish the asset trail and determine what, if anything, can be frozen or reclaimed. The move to bridge funds to Ethereum has complicated recovery efforts by widening the number of venues and chains involved.
This is described in the script as the biggest DeFi theft of the year so far, and it underlines how an isolated exploit can puncture an otherwise subdued market. Even in a low-volatility environment, operational weaknesses in protocol security can still trigger abrupt and outsized losses.