SlowMist: The multi-signature mechanism was modified more than a week before the Drift theft, followed by an administrator privilege leak.

MeNews · 2026-04-02T03:00:20+00:00

SlowMist analyzes the Drift theft incident, pointing out that a week before the attack, Drift adjusted the multi-signature mechanism without setting a time lock, allowing the attacker to gain admin privileges, forge tokens, and manipulate oracles, resulting in approximately $226 million in stolen funds. The flow of the related funds is currently being tracked.

MeNews

2026-04-02 03:00:20

Abstract generation in progress

ME News report, April 2 (UTC+8). SlowMist published an analysis of the Drift theft incident, noting that one week before the attack, Drift changed its multisig mechanism to “2/5” (1 old signer + 4 new signers) and did not set a timelock. The attacker then gained administrator privileges, forged CVT tokens, manipulated the oracle, disabled security mechanisms, and transferred high-value assets from the treasury. Currently, the stolen funds have mainly been consolidated into an Ethereum address, totaling approximately 105,969 ETH (about $226 million). SlowMist stated that the related fund flows are still being actively tracked. (Source: ChainCatcher)

ETH-4.4%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.