Attack Drains $285M via Circle’s CCTP, Cuts Drift TVL by 45%
On April 1, attackers drained $285M from Drift Protocol, halving its TVL from $550M to $300M, and bridged stolen assets via Circle’s CCTP. Delayed freeze on CCTP transfers drew criticism, raising security concerns over Circle’s token bridge infrastructure.
1. Exploit Details
On April 1, Drift Protocol was subjected to a sophisticated exploit that drained $285 million from its vaults. The attacker used a fake token and a compromised admin key to manipulate oracle prices and extract funds in USDC, SOL, JLP, WBTC and other assets before bridging them through Circle’s CCTP.
2. Circle’s CCTP Role
The stolen assets were routed via Circle’s Cross-Chain Transfer Protocol, which lacked an immediate freeze mechanism. The delayed response in halting CCTP transfers allowed the attacker to move funds across chains, prompting criticism of Circle’s ability to promptly suspend illicit transfers.
3. Impact on Drift Protocol
The hack wiped out more than half of Drift’s total value locked, dropping from about $550 million to under $300 million in under an hour. The DRIFT token plummeted over 40%, and a dozen Solana-based DeFi platforms with exposure paused operations or assessed losses.
4. Implications for Circle
Circle faces heightened scrutiny over CCTP’s security and governance controls as users question its freeze capabilities. The incident may accelerate demands for regulatory oversight and force Circle to implement more robust real-time transaction monitoring and emergency response protocols.