TechFlow reports that on April 2, Drift Protocol (@DriftProtocol) officially disclosed an incident in which a malicious actor rapidly seized administrative control of Drift Protocol’s Security Council via a novel attack exploiting durable nonces. The attack—prepared over several weeks and executed in stages—included pre-signing transactions with delayed execution and leveraging social engineering or transaction obfuscation to obtain approvals from a multi-signature wallet (2-of-5), ultimately enabling the malicious transfer of protocol-level permissions.
The Drift team stated that this incident was not caused by any smart contract vulnerability or seed phrase leakage. Affected assets include deposits for lending, insurance vault deposits, and trading funds. However, DSOL tokens not deposited into Drift—including assets staked to Drift validators—and insurance fund assets remain unaffected.
