Drift Protocol Suspends Withdrawals After Massive DeFi Hack
- Drift froze transfers after an active attack disrupted activity across Solana DeFi.
- CertiK estimated $136M in losses, while Arkham put the suspected theft at $285M.
- This breach may mark 2026’s largest crypto theft if current estimates are confirmed.
Drift Protocol suspended deposits and withdrawals after confirming an active attack that may have drained between $136 million and $285 million, according to the platform and blockchain trackers. The Solana-based DeFi company said it was working with security firms, bridges, and exchanges to contain the incident. If confirmed, the breach would rank as 2026’s largest crypto theft, according to the Rekt leaderboard.
Drift Moves to Contain the Breach
Drift disclosed the incident in a post on X. The company said it was “experiencing an active attack” and had suspended deposits and withdrawals. It also said it was working with multiple security firms, bridges, and exchanges to contain the incident.
The company’s statement said, “Drift Protocol is experiencing an active attack.” It also said, “Deposits and withdrawals have been suspended.” Drift added, “This is not an April Fools joke.” The company said it would share more updates as more information became available.
It is not clear who was behind the attack, according to the report. A spokesperson for Drift did not immediately respond to a request for comment. Meanwhile, CertiK said hackers may have stolen about $136 million, while Arkham estimated roughly $285 million.
Hack Lands During a Push Into On-chain Finance
The Meridiem report framed the breach as 2026’s largest crypto theft and said DeFi had entered a custody crisis. It said the dollar figure mattered, but the timing mattered more. The report said the breach arrived as institutional capital moved deeper into on-chain finance.
Franklin Templeton has been building on-chain funds, while BlackRock launched a tokenized money market fund, according to the report. Traditional finance had started treating decentralized protocols as infrastructure, not experimentation. What happens when that shift meets a breach of this scale?
The same report said Drift’s immediate freeze exposed a core DeFi tension. Its decentralized design attracts crypto-native users, yet custody controls, audit trails, and recovery systems remain key concerns for institutional treasurers. In turn, the breach hit the market at a sensitive moment.
Related: Solana DeFi Exchange Drift Halts Services After $285M Exploit Scare
Security Concerns Widen Across DeFi
Security researchers said recent DeFi attacks have grown more sophisticated, especially on high-performance blockchains such as Solana. They said many incidents now involve multi-step exploits, including compromised private keys or weak administrative permissions. Those gaps can give attackers elevated control over protocol operations.
The report said the latest breach showed that DeFi still faces deep security risks despite audits and design improvements. It added that established platforms remain exposed when attackers find edge-case vulnerabilities or exploit operational mistakes. Earlier Solana incidents also led to losses worth tens of millions, the text said.
Security firms said North Korea carried out most crypto thefts last year and took at least $2 billion, according to the report. Those firms said the regime uses stolen cryptocurrency to fund its nuclear weapons program and evade sanctions. Drift said it would provide more updates as more information became available.
