Industry

Drift Protocol Exploit Linked to Compromised Multisig Signers: Squads

The firm said its own infrastructure remains secure, though the investigation is ongoing.

Written By Shubham Soni Shubham Soni
Make The Crypto Times preferred on Google
Drift Protocol Exploit Linked to Compromised Multisig Signers Squads

Key Highlights

  • Squads points to compromised administrative access as the likely cause of the Drift Protocol exploit.
  • The firm found no security lapse in its own system but continues to investigate further.
  • The attacker initially moved funds via a series of coordinated transactions.

Squads, a multisig platform for managing Solana assets, stated that the Drift Protocol exploit may have been triggered by compromised administrative access rather than a direct smart contract flaw. The incident has so far wiped out more than $270 million in digital assets. 

The update was posted on Squads’ official X account on April 2, stating that its initial investigation found two compromised signers on Drift’s admin multisig, which were reportedly used to change the protocol’s settings. 

The firm added that its own infrastructure and programs were secure; however, the investigation is ongoing.

Unveiling the process of attack

The update diverts attention from earlier assumptions of a vault-level vulnerability to an operational security failure. Multisig wallets, mostly used in decentralized protocols to manage administrative control, need various approvals for sensitive actions. However, if enough signers are compromised, attackers can dodge these safeguards.

Squads indicated that the attacker may have exploited the setup, with the gain of access to various signer credentials, permitting them to authorize malicious changes. 

Security practices under focus

The incident highlights increasing risks revolving around multisig governance and operational security in decentralized finance. 

Squads highlighted various practices in its detailed post, including higher signing thresholds, use of time locks, real-time monitoring tools, and stricter signing procedures using dedicated hardware devices. It also stressed the significance of internal security culture, noting that many recent high-profile exploits have targeted individuals instead of code. 

Meanwhile, in an X post on April 2, Drift stated that “a combination of pre-signed durable nonce transactions and the compromise of multiple multisig signer’s approvals enabled the exploit.”

Broader implications 

The incident flags a broader shift in DeFi risk, originating from code vulnerabilities to human and operational weaknesses. Even a strong smart contract can get compromised if key management and governance processes fail. 

As protocols expand and manage big capital pools, multisig security, signer discipline, and internal controls may prove just as crucial as technical audits. Weak operational safeguards can expose gaps between decentralized infrastructure and centralized human decision-making.

Also Read: YZi Labs Backs Predict.fun Again as Sector Heats Up

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.
Google News Banner
TAGGED:
Share This Article

Latest News

Demo Live
Prediction Market Fight May Reach Supreme Court CFTC Chair Selig
Prediction Market Fight May Reach Supreme Court: CFTC Chair Selig
Anchorage Bets Big on AI Economy With New Banking Model
Anchorage Bets Big on AI Economy With New Banking Model
Tapnob Rolls Out Crypto-to-Naira Payment Platform in Nigeria
Tapnob Rolls Out Crypto-to-Naira Payment Platform in Nigeria
Clarity Act on Fast Track Senator Moreno Sets July 4 Deadline
Clarity Act on Fast Track? Senator Moreno Sets July 4 Deadline

Find Us on Socials

You may also like