Drift Protocol Loses $280 Million After Hackers Seize Security Council Administrative Control

The Drift Protocol, a decentralized finance trading platform built on the Solana blockchain, lost at least $280 million after a threat actor executed a sophisticated, planned operation to seize control of its Security Council administrative powers, BleepingComputer reported. The Security Council in Drift's governance architecture holds elevated administrative rights over the protocol's smart contracts, including the ability to upgrade contract code, adjust risk parameters, and move funds. By compromising the Security Council, the attacker gained the ability to make unauthorized changes to the protocol that allowed them to drain funds. The operation is described as planned and sophisticated, suggesting the attacker had studied Drift's governance structure in advance and identified the Security Council as the highest-value target in the protocol's security model. Governance-layer attacks of this type exploit the difference between the security of smart contract code, which is typically audited, and the security of the human or multi-signature wallet infrastructure that controls administrative privileges. Drift is one of the largest perpetual futures trading platforms on Solana, with significant open interest and user funds under management. A $280 million loss would rank among the largest single DeFi exploits on record. The protocol's team confirmed the incident and said it is working with security researchers to assess the full scope of the damage and identify what recovery options exist. Funds drained from DeFi protocols are rarely recovered without cooperation from centralized exchanges that the attacker uses to convert stolen assets. The attack highlights a persistent vulnerability in decentralized finance architecture: even technically sound smart contracts can be compromised through the administrative keys that control them.