Drift says $280M exploit tied to ‘sophisticated’ admin takeover; ZachXBT criticizes Circle over USDC handling

The Solana-based trading platform Drift Protocol has confirmed a $280 million exploit resulting from a sophisticated administrative takeover. Attackers utilized durable nonces to gain unauthorized access to the protocol's Security Council permissions, allowing them to bypass withdrawal limits and drain assets including SOL, USDC, and BTC. Drift has frozen protocol functions and is collaborating with law enforcement to track the stolen funds.

Simultaneously, onchain investigator ZachXBT criticized Circle for failing to freeze over $230 million in stolen USDC that was moved across chains using the Cross-Chain Transfer Protocol. This incident has reignited debates regarding the centralized oversight of USDC, especially following previous controversies where Circle faced scrutiny for freezing wallets without public explanation.

(Source：The Block)