- Drift Protocol secures $280 million worth of crypto theft with sophisticated password abuse attacks.
- Hackers have hijacked the Security Council’s powers through the manipulation of work permits and social engineering
- Deposits on loan/loan, warehouses, and trading are affected; The incident marks the biggest crypto theft of 2026 so far
Decentralized cryptocurrency exchange Drift confirmed a cyberattack in which malicious actors stole tokens worth millions of dollars.
On April 1 2026,, Drift Protocol sent to X, saying that it was “under active attack”, and that all deposits and withdrawals were stopped as a result.
“This is not an April Fools joke,” the Twitter handle tweeted. “We are working with many security companies, bridges, and exchanges to prevent this incident.”
The article continues below
A very sophisticated attack
Soon after, an update was posted, explaining that the malicious actor was able to reach an agreement with a “novel attack involving strong words,” which resulted in the “immediate seizure of the administrative powers of the Drift Security Council.”
The Security Council is a governance and security mechanism designed to act quickly in emergency situations, without waiting for a full DAO vote. A small, trusted group (usually multisig signers) within a protocol’s governance structure, with limited, fast power. Ironically, the Security Council should have prevented an attack like this.
Drift says the attack was “a very complex operation that appears to have involved weeks of preparation and planned execution”.
It was not a bug, and no seed sentences were messed up. Instead, the attacks involved “unauthorized or misrepresented work permits obtained prior to the execution, likely motivated by lengthy, ineffective procedures and sophisticated social engineering.”
At press time, no one claimed responsibility for the attack, but Drift said that approximately $280 million was withdrawn from the deal. North Korean government-sponsored groups Lazarus and the Chollima variety (Labyrinth, Pressure, Golden) are often tasked with stealing cryptocurrencies from western organizations. The country is using the stolen money to fund government services and its weapons program, some researchers say.
All deposits made from mortgages/loans, vault deposits, and trading deposits are affected, Drift confirmed. This is now one of the biggest crypto heists ever, and the biggest this year so far.
With A record
The best antivirus for all budgets
Follow TechRadar for Google news again add us as a favorite resource to get our expert news, reviews, and opinions in your feed. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok to get news, reviews, unboxings in video form, and get regular updates from us WhatsApp again.
