u.today
Charles Guillemet, the CTO at Ledger, has shared his take on today’s hack of the Drift Protocol on the Solana chain. He has called this event the biggest hack in 2026 so far.
This morning the official X account of the Drift Protocol confirmed the exploit and the loss of approximately $213 million in crypto. Later, on-chain trackers on X began reporting that the hacker started converting the stolen stablecoins into Ethereum.
"The biggest hack of 2026 so far" and a wake-up call
By the scale of the hack, Guillemet compared the exploit of the Drift Protocol, one of the major perpetual dexes on the Solana chain, to the Wormhole Bridge exploit that happened in 2022.
While not all the details have been disclosed so far, he continues, what was compromised was the multisig which controlled the protocol. And it was done several days or perhaps even weeks before the hacker drained the funds from the platform
Drift Protocol, one of the leading perpetual DEXs on Solana, has been hacked for approximately $213M. This makes it the biggest hack of 2026 so far, and one of the largest ever on the Solana blockchain, right behind the Wormhole Bridge exploit of 2022.
— Charles Guillemet (@P3b7_) April 2, 2026
The full details of the…
The private keys were either stolen by the hacker or, which the Ledger CTO believes to be more likely, the hacker compromised several machines ran by multisig signers and then “tricked the operators into approving a malicious transaction.” In this case, the signers thought they were approving a legal transaction while they were actually authorized the drain without even knowing it.
This method of hacking looks similar to the attack on the Bybit exchange in 2025 and it is widely used by DPRK-linked bad actors, Guillemet concluded. The pattern of this modus operandi is the following, per the CTO: “patient, sophisticated supply-chain-level compromise targeting the human and operational layer, not the smart contracts themselves.”
Charles Guillemet believes this is a big wake-up call for the whole crypto industry to implement better mechanisms to detect such vulnerabilities before they can be exploited. Also, he insists that secure key management and clear signing must be implemented.
Tether CEO's reaction to the hack
Paolo Ardoino sent kudos to the USDT0 team, praising their quick response to the Drift Protocol exploit. Once the drain happened, the team paused the legacy mesh infrastructure for the Solana chain within 90 minutes, fearing that the hacker might use it.
$USDT is the People's digital dollar.
— Paolo Ardoino 🤖 (@paoloardoino) April 2, 2026
People and institutions will always gravitate towards solutions that protect them in difficult moments like these security breaches.
Well done @USDT0_to team ❤️ https://t.co/88WmWgmkoE
Legacy Mesh links native $USDT across major blockchains, like Ethereum, Solana, and TON, and allows for seamless omnichain transactions of $USDT without wrapped tokens.