Drift: Attack was not a contract vulnerability or mnemonic phrase leak; durable nonce pre-signed transactions were used to break multi-signature permissions
CoinFeed reported on April 2nd that Drift Protocol released an update on its investigation into the attack. The attackers used a novel technique involving durable nonces, combined with social engineering that targeted multi-signature signers, to gain administrative control of the Drift Security Council and steal approximately $280 million. All funds deposited into lending and vaults, and funds used for trading, were affected. Unaffected assets include dSOL not deposited into Drift (including assets staked to Drift validators) and insurance fund assets (which will be withdrawn from the protocol for protection). Drift has frozen all remaining protocol functionality and updated its multi-signature wallet to remove the attacked wallet. Preparations for the attack began on March 23rd, when four durable nonce accounts were created (two associated with multi-signature members and two controlled by the attacker) and at least two-fifths of the multi-signature approvals were obtained.