SlowMist: The multi-signature mechanism was modified more than a week before the Drift theft, followed by an administrator privilege leak.

MeNews · 2026-04-02T03:40:19+00:00

SlowMist analyzes the Drift theft incident, pointing out that a week before the attack, Drift adjusted the multi-signature mechanism without setting a time lock, allowing the attacker to gain admin privileges, forge tokens, and manipulate oracles, resulting in approximately $226 million in stolen funds. The flow of the related funds is currently being tracked.

MeNews

2026-04-02 03:40:19

Abstract generation in progress

ME News message, April 2 (UTC+8). SlowMist published an analysis of the Drift hack, pointing out that one week before the attack, Drift changed the multisig mechanism to “2/5” (1 old signer + 4 new signers) and did not set a timelock. The attackers then obtained administrator privileges, forged CVT tokens, manipulated the oracle, disabled safety mechanisms, and transferred high-value assets from the treasury pool. At present, the stolen funds have mainly been consolidated to Ethereum addresses, totaling about 105,969 ETH (about $226 million). SlowMist said that the related fund flows are still being actively tracked. (Source: ChainCatcher)

ETH-4.4%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.