What initially appeared to be an April Fool's prank quickly escalated into one of the biggest DeFi disasters of 2026 after Drift Protocol confirmed a massive exploit that drained up to $270 million from its platform. On April 1, Drift posted an urgent warning to users about unusual activity, stressing that deposits should stop immediately and 'this is NOT an April Fools joke.'
Within hours, on-chain data revealed that the Solana-based protocol had been hit by a large-scale exploit, with losses estimated between $200-270 million. The attack targeted several of Drift's key products, including its delta-neutral and staking vaults, with a single transfer involving tens of millions of JLP tokens accounting for a substantial portion of the losses. Other assets including SOL, USDC, and tokenized Bitcoin were also drained.
The scale of the attack places it among the largest incidents in Solana's history, rivaled only by the Wormhole bridge exploit. Drift's native token fell sharply following the news, reflecting immediate market concern over protocol stability. Blockchain analysts observed the attacker quickly converting stolen assets into stablecoins through Jupiter before bridging funds to Ethereum, with updated figures eventually reaching $285 million in total losses.
