Solana Exchange Drift Protocol Hacked for $286 Million

A Solana-based decentralized perpetual futures exchange, Drift Protocol, was hacked on April 1, 2026, resulting in the loss of $286 million.

The attack involved fake collateral and socially engineered pre-signed transactions. According to blockchain analysts, the attacker used a Tornado Cash withdrawal on March 11 to deploy the carbonvote token (CVT) on March 12, which was then seeded with minimal liquidity on the Raydium decentralized exchange.

Over the next three weeks, the attacker maintained a price near $1.00 for CVT through wash trading, which Drift's oracles read as legitimate collateral. On April 1, the attacker activated pre-signed transactions that listed CVT as valid collateral, raised withdrawal limits, and deposited hundreds of millions in CVT tokens against which Drift's risk engine issued real assets.

Thirty-one withdrawal transactions cleared in roughly 12 minutes, resulting in the loss of $286 million. The attacker converted the stolen tokens to USDC using Jupiter, bridged to Ethereum, and swapped into tens of thousands of ETH.