Gate News reports that on April 2, the founder of Mist (Slow Mist), Yu Xuan, disclosed that the root cause of the Drift Protocol theft was that, one week prior, the multisig setup was migrated to a 2/5 configuration without a timelock (1 old signer + 4 new signers). The attacker exploited this to quickly take over the admin privileges, then minted counterfeit CVT tokens, manipulated the Oracle, disabled related security mechanisms, and ultimately drained all the assets in the pool, resulting in losses exceeding $200 million. Yu Xuan urged all DeFi project teams to promptly and regularly review extreme risk scenarios following the compromise of owner/admin private keys, and to improve alerting and response mechanisms; users should also clearly understand their exposure to potential fund losses in extreme situations (such as insider malfeasance) within the DeFi protocols they participate in, to avoid blind entry.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
SlowMist Warns of Active Phishing Attack Using Fake 'Harmony Voice' Software
SlowMist's security team has warned of a social engineering campaign targeting cryptocurrency users. Fraudsters are posing as project partners to trick users into downloading a malicious application disguised as a translation tool. Users are advised to verify software authenticity.
GateNews16m ago
Zonda Exchange CEO Blames Missing Founder for $336M in Lost Bitcoin
Zonda CEO Przemysław Kral has attributed the exchange's loss of access to 4,500 BTC, valued at $336 million, to missing founder Sylwester Suszek's failure to transfer private keys. Amid allegations of bankruptcy and intensified withdrawal requests, Kral insists Zonda remains solvent and will pursue legal action while searching for Suszek, who disappeared in 2022.
GateNews1h ago
Grinex Exchange Halts All Trading After $15M Cyberattack on Wallet Systems
Grinex, a Kyrgyz crypto exchange, suspended trading after a cyberattack resulting in losses of around $15 million. The advanced nature of the attack points to organized or state-level involvement. Grinex has reported the incident to authorities and is assessing the damage.
GateNews1h ago
Tether Freezes $3.29M USDT Linked to Rhea Finance Exploit
Tether froze $3.29 million in USDT linked to Rhea Finance exploit, ensuring user protection and ecosystem trust. Blockchain tracking enabled this action against suspicious wallets after attackers moved funds to evade detection.
GateNews1h ago
Circle Stock Falls After $280M Drift Protocol Hack Lawsuit Filed
Circle Internet Group's stock fell 1% after a class action lawsuit alleged it failed to prevent $230 million in stolen USDC during the Drift Protocol exploit. The lawsuit questions Circle's ability to halt the attackers' transactions, raising issues of responsibility for stablecoin issuers in breach scenarios.
GateNews2h ago
Ethereum Foundation Uncovers 100 North Korean Operatives Infiltrating Web3 Companies
The Ethereum Foundation's ETH Rangers Program revealed a major security threat from North Korean operatives infiltrating Web3 companies. The investigation uncovered about 100 operatives, flagged 53 projects, and recovered over $5.8 million. The foundation urges improved hiring processes and global cooperation for enhanced security.
GateNews3h ago
