TechFlow News: On April 2, according to Cos (Yu Xian), founder of SlowMist (@evilcos), the root cause of the Drift Protocol hack was its migration one week prior to a 2-of-5 multisig configuration without a timelock (comprising 1 legacy signer and 4 new signers). Leveraging this setup, the attacker seized administrative control within hours, subsequently minting counterfeit CVT tokens, manipulating the oracle, disabling relevant security mechanisms, and ultimately draining all valuable assets from the protocol’s liquidity pool—resulting in losses exceeding $200 million.
Cos also urged all DeFi project teams to promptly and regularly review extreme-risk scenarios that could arise if owner/admin private keys are compromised, and to improve alerting and incident response mechanisms. Users, meanwhile, should clearly understand their potential capital loss exposure under extreme circumstances—such as internal malfeasance—when participating in DeFi protocols, and avoid entering blindly.
