Drift Protocol Hack: A Major Security Breach
Charles Guillemet, the CTO at Ledger, has commented on the recent hack of Drift Protocol, a major perpetual decentralized exchange (DEX) on the Solana blockchain. He described the incident as a significant “wake-up call” for the entire cryptocurrency industry.
Details of the Exploit
The official X account of Drift Protocol confirmed the exploit earlier today, reporting a loss of approximately $213 million in cryptocurrency. On-chain trackers quickly identified the hacker converting the stolen stablecoins into Ethereum. This makes it the largest hack of 2026 to date, and one of the largest ever on the Solana blockchain.
Comparison to Past Incidents
Guillemet compared the scale of the Drift Protocol hack to the 2022 Wormhole Bridge exploit. He stated that the compromised element in this case was the multisig wallet controlling the protocol, with the breach occurring several days or weeks before the funds were drained.
How the Hack Was Likely Executed
According to Guillemet, the hacker likely either stole the private keys or, more probably, compromised multiple machines used by the multisig signers. This allowed them to “trick the operators into approving a malicious transaction.” The signers unknowingly authorized the fund drain, believing they were approving a legitimate operation.
Similar Tactics and Threat Actors
This method of attack is similar to a 2025 incident targeting the Bybit exchange. Guillemet believes this tactic is frequently employed by actors linked to the Democratic People's Republic of Korea (DPRK). He characterized the attack as a “patient, sophisticated supply-chain-level compromise targeting the human and operational layer, not the smart contracts themselves.”
Call for Enhanced Security Measures
Guillemet emphasized the need for the crypto industry to implement better mechanisms for detecting such vulnerabilities before they can be exploited. He specifically called for secure key management and clearer signing procedures.
USDT Response to the Hack
Paolo Ardoino praised the USDT team for their swift response to the Drift Protocol exploit. Within 90 minutes of the drain, the team paused the legacy mesh infrastructure for the Solana chain to prevent potential misuse by the hacker. This infrastructure facilitates seamless omnichain transactions of USDT across Ethereum, Solana, and TON.