On April 1, 2026, Drift Protocol, one of Solana’s largest perpetuals exchanges, lost $285 million in under twelve minutes. The attack did not exploit a smart contract bug. It exploited people. Understanding what happened at Drift is not just a post-mortem exercise. It is a blueprint for how serious capital should evaluate any DeFi protocol it touches — including Hyperliquid.
What Happened at Drift: A Timeline
The attack did not start on April 1st. It started six months earlier. In fall 2025, individuals posing as representatives of a quantitative trading firm approached Drift contributors at a major crypto conference. They built a relationship over months: Telegram conversations, face-to-face meetings at international events, working sessions on vault integrations. They even deposited over $1 million of their own capital into a Drift Ecosystem Vault to establish credibility. By early 2026, the attackers had full access to Drift’s inner circle.
The technical setup unfolded in three phases:
lorem ipsum
The strategy
