SlowMist: Drift's multisignature mechanism was modified a week before the theft, subsequently leading to the leakage of administrator privileges.

CoinFeed reported on April 2nd that SlowMist, in an analysis of the Drift hack, pointed out that a week before the attack, Drift adjusted its multi-signature mechanism to "2/5" (1 old signer + 4 new signers) and did not set a timelock. The attackers subsequently gained administrator privileges, forged CVT tokens, manipulated oracles, disabled security mechanisms, and transferred high-value assets from the liquidity pool. Previous reports indicated that the Drift Protocol hack resulted in losses exceeding $277 million, with the stolen funds converted into approximately 129,000 ETH.