Drift Protocol Hack Exposes Weaknesses in Solana DeFi Lending

The Drift Protocol hack on Solana has raised concerns about the security of decentralized finance (DeFi) lending and trading. The attack allowed hackers to drain valuable assets from the protocol, highlighting weaknesses in Web3 infrastructure.

According to an on-chain researcher, Circle, a centralized stablecoin issuer, failed to react to over $230M in USDC being moved after the hack, raising questions about its ability to freeze stolen funds. The hacker used Phantom Wallet, Wormhole bridge, and Jupiter's bridging service to take the funds out of Solana and swap them on other DEXs.

Several smaller DeFi protocols reported indirect losses due to their exposure to Drift Protocol, which held around $550M in liquidity before the exploit. Protocols such as Trade Neutral, Elemental DeFi, SynatraXYZ, Project0, Ranger Finance, Reflect Money, and Carrot Protocol were affected. Carrot Protocol even reported direct losses, with an estimated 50% of value locked.

The hack has led to a decline in the overall Solana DeFi value, falling from $6.1B to $5.4B as reported by Defillama. DRIFT tokens also incurred significant losses, wiping out 37% of their value. The incident serves as a reminder of the ongoing security risks in Web3 infrastructure.