Ledger CTO Points to Systemic DeFi Security Flaws in Drift's $280M Hack
The Drift Protocol hack, resulting in a $280 million loss, underscores the persistent and systemic security flaws in decentralized finance. Ledger CTO Charles Guillemet rightly points out the similarities with the Bybit breach, emphasizing the urgent need for robust security measures in DeFi.
Guillemet noted that the attack mirrored the 2025 Bybit breach, suggesting a recurring pattern of exploiting multisig security processes. The attackers either acquired enough keys or manipulated multisig signers to authorize harmful transactions, bypassing the protocol's defenses without exploiting coding flaws.
The exploit leveraged Solana's "durable nonces," a feature designed for transaction convenience, to pre-sign administrative transfers. This allowed the attackers to swiftly move funds from Solana to Ethereum, transferring over $230 million in USDC through Circle’s CCTP in just six hours.
In response, Drift Protocol has halted all deposits and withdrawals and is collaborating with security experts to address the breach. The attack, being the largest of 2026 so far, underscores the need for a reassessment of security practices in the DeFi ecosystem to prevent similar incidents in the future.