What happened with Drift Protocol and the $280 million hack?

Drift Protocol, a Solana-based DeFi platform, suffered a $280 million exploit after attackers infiltrated its systems over several months. The breach was reportedly carried out through social engineering, allowing hackers to gain access to sensitive systems and funds.

Why could the Drift Protocol hack be considered “civil negligence”?

Crypto attorney Ariel Givner said the incident may qualify as civil negligence because Drift allegedly failed to follow basic security practices. This includes not properly protecting signing keys and failing to vet external collaborators, which are standard safeguards in crypto.

Who was behind the Drift Protocol attack?

The attackers are suspected to be linked to North Korea-aligned hacking groups. They reportedly built trust with the Drift team over six months before deploying malware and executing the exploit.

How did the attackers manage to breach Drift Protocol?

The attackers approached the team at a crypto conference and maintained contact via platforms like Telegram. They eventually sent malicious links and fake apps, which compromised developer devices connected to critical systems.

What security failures were identified in the Drift Protocol case?

Key failures included not using air-gapped systems for signing keys and poor operational security practices. These lapses made it easier for attackers to infiltrate systems and access funds.

What does this mean for DeFi investors and users?

It highlights that even major DeFi platforms can be vulnerable to human error and social engineering. Investors face risks not just from code bugs, but from operational failures within project teams.

How might this impact Drift Protocol’s future?

The platform could face legal action, reputational damage, and loss of user trust. Class action lawsuits are already being discussed, which could create financial and regulatory pressure.

Is this good or bad for the broader crypto market?

It is negative in the short term as it reinforces concerns about security in DeFi. However, it may push the industry to adopt stricter security standards, which could be positive long term.

Drift hack may be civil negligence lawyers warn

Written by Heidi Cuthbert Published Apr. 6 2026Last Updated Apr. 6 2026

The $280 million exploit of Solana-based Drift Protocol may constitute civil negligence due to failures in basic security practices, according to crypto attorney Ariel Givner.

Givner said the Drift team failed to follow standard operational safeguards, including isolating signing keys and properly vetting external developers, exposing user funds to preventable risks.

“In plain terms, civil negligence means they failed their basic duty to protect the money they were managing,”

Said attorney Ariel Givner.

The attack was reportedly carried out by threat actors linked to North Korea, who spent months building trust with the Drift team before deploying malware through social engineering tactics.

According to Drift, attackers first made contact at a crypto conference in October 2025 and infiltrated systems over six months by sharing malicious links and fake applications.

The exploit highlights growing risks from social engineering and insider-style attacks, which can bypass even advanced technical safeguards if operational discipline is weak.

Legal pressure is mounting, with class action advertisements already circulating, as the incident raises broader concerns about accountability and security standards across DeFi platforms.

At the time of reporting, Solana price was $81.85.