Drift Protocol Exploit Drains Up to $285M; USDC Bridged via CCTP With No Pause or Freeze

A major exploit hit Drift Protocol on April 1, 2026, during U.S. business hours, draining as much as $285 million and triggering a rapid collapse in liquidity. Total value locked (TVL) fell from $311.38 million to $23.49 million within hours, a 92.5% plunge. On-chain activity shows the attacker quickly consolidated funds and converted assets into USDC and SOL. The USDC was then bridged from Solana to Ethereum over several hours through Circle's Cross-Chain Transfer Protocol (CCTP). On-chain investigator ZachXBT tracked the movement in real time and said Circle did not intervene. CCTP operates by burning USDC on the source chain and minting it on the destination chain. Despite the nine-figure flow tied to the exploit, transfers proceeded without a pause, freeze, or manual review. ZachXBT argued this points to inadequate protocol-level monitoring, noting the transfers were unusually large and fast yet still cleared. The episode is drawing comparisons to Circle's recent wallet actions. ZachXBT said Circle froze more than 16 business-linked wallets last week by mistake, and those wallets are still being unfrozen. Market participants questioned the inconsistency, with some arguing that if internal wallets can be frozen, similar safeguards should have been able to disrupt nine-figure exploit flows routed through CCTP. Related: DeFi Hacks Top $137M in Early 2026 as Security Failures Mount Disclaimer: This content is for informational and educational purposes only and does not constitute financial advice. Coin Edition is not responsible for losses arising from the use of any referenced content, products, or services. Readers should exercise caution before taking any action related to the company.