Security Incidents

Bitcoin (BTC) gives back this week’s gains, temporarily trading at around $66,780 on April 3. Bitcoin miner MARA cut 15% of its workforce, shifting its strategy toward energy and digital infrastructure. Blockchain analytics firm Elliptic says North Korean hackers may exploit a vulnerability in the Drift Protocol to profit $286 million.

As of April 3, DRIFT’s price is up 24.16%, now trading at $0.0561, with a market cap of approximately $32.62 million. Drift Protocol, as a decentralized exchange, has performed well in terms of security and liquidity, but trading has been restricted due to recent security incidents and risk management measures by South Korean exchanges, which has increased market volatility.

Blockchain investigator ZachXBT has once again slammed Circle and its CEO, Jeremy Allaire, following alleged inaction during the $280 million exploit tied to Drift Protocol. He described the entire fiasco as a critical delay in response as funds were actively moved across chains. Circle Under

Social media platform X is considering implementing new rules for first-time user posts about crypto in an effort to crack down on scammers using phishing attacks to gain access to accounts. Nikita Bier, the head of product at the platform formerly known as Twitter, made the announcement on

In brief Social media platform X is working on new changes to combat crypto scams on the platform. The platform will attempt to lock down accounts that are posting about crypto for the first time, particularly those with large followings. The change comes as financial scams continue to

Social media platform X will auto-lock accounts that mention cryptocurrency for the first time, requiring additional verification to deter crypto phishing scams. This new measure aims to eliminate incentives for attacks that hijack accounts to promote fraudulent tokens.

The Drift Protocol exploit on April 1, 2026, drained $285 million through admin control, triggering a sharp decline in Solana DeFi. Attackers manipulated oracle pricing and governance, leading to rapid asset withdrawals and cross-chain fund transfers, complicating recovery efforts.

X (formerly Twitter) will implement new protective measures. If a user posts content related to cryptocurrency for the first time, the account will automatically be locked and prompted for identity verification to prevent hackers from using the account to carry out scams. X product lead Nikita Bier also criticized Google for tolerating phishing emails, emphasizing that this move can eliminate 99% of hackers’ motivations.

X platform product lead Nikita Bier announced that it will roll out new measures against crypto phishing scams. The account that is first to publish relevant content will be locked and will need to complete identity verification. It is expected to eliminate 99% of malicious actors’ motives. He also pointed out that Google failed to effectively block phishing emails.

Ledger wallet was scammed, US authorities recover over $600,000 The U.S. Attorney's Office in Connecticut has seized more than $600,000 in crypto from a scam targeting Ledger users, tightening on-chain cash flow risks. Ledger wallet appears at the center of a recent crypto scam just exposed by U.S. authorities

Resolv Labs updated users on the recent exploit that minted 80 million USR tokens. While whitelisted holders have largely redeemed their tokens, non-whitelisted users and RLP holders face delays. Investigations found no insider involvement, but recovery remains uncertain.

Gate News message, on April 2, Wormhole posted on the X platform in response to the Drift Protocol attack incident. Wormhole said that user assets are not currently at risk, and the cross-chain bridge functionality can still be used normally. However, due to the built-in security mechanisms configured for Solana, some cross-chain transfers may experience delays. Wormhole’s core contributors have been in communication with the Solana ecosystem team and will continue to provide support as needed.

Solana Foundation Chief Product Officer Vibhu Norby responded to the Drift Protocol security incident, confirming that an attack occurred. The cause of the attack is still under investigation. The incident is related to operational security or social engineering, highlights the potential risks of multisig mechanisms, and says that this incident does not represent a systemic issue with Solana DeFi.

Ledger CTO Charles Guillemet noted that Drift Protocol’s exploitation method is similar to a 2025 CEX hack incident, and that the security issues mainly stem from people and operations rather than code defects. The attacker infiltrated a multisig device to trick the signer into approving a malicious transaction.

Magic Eden is discontinuing its wallet app, transitioning to an export-only mode, which means users must export their private keys to avoid losing access to their funds. This change emphasizes the importance of self-custody and key preservation for cryptocurrency users.

On April 1, 2026, Drift Protocol in the Solana ecosystem was hacked, resulting in losses of about $285 million. The attacker obtained administrator permissions for a multisig wallet, swiftly withdrew funds, and transferred them cross-chain to Ethereum, becoming the largest single security incident in the DeFi space. The investigation found that the attack was caused by a multisig management configuration flaw: the lack of a time-lock mechanism allowed the attacker to execute malicious actions immediately. The incident caused Drift’s total value locked to drop sharply, significantly impacting the Solana ecosystem.

Google's quantum AI team research indicates that the quantum computing power required to break Bitcoin is far lower than expected, potentially less than 500,000 qubits. Research simulations show that hackers could intercept ongoing Bitcoin transactions within 9 minutes, and that about one-third of the Bitcoin is stored in already exposed wallets, increasing the risk of quantum attacks. While Bitcoin's Taproot upgrade strengthens privacy, it also increases the exposure of public keys, raising the risk to assets.

Li Xiong was extradited back to China from Cambodia, involving a cross-border money laundering case tied to the $4 billion Weiwang Group. The case has exposed the links between the Southeast Asian scam industry chain and crypto funds. Experts noted that the group, as a scam infrastructure provider, supports online scams and the movement of funds. Despite intensified international crackdown efforts, the money-laundering network remains highly adaptable, making it extremely difficult to trace.

All-chain stablecoin protocol USDT0 responded rapidly after the Solana Drift security incident, pausing its cross-chain communication network within 90 minutes. Tether’s CEO praised its team’s handling, while Z achXBT criticized Circle for not freezing USDC transfers.