Drift Protocol, a Solana-based derivatives exchange, has released a recovery plan after a $295 million hack on April 1, 2026. Blockchain forensics firm Mandiant identified the attackers as a North Korean state-backed group known as DPRK.
Hackers tricked Drift administrators into approving fake transactions, forcing the protocol to immediately suspend trading and borrowing. The attack is one of the largest DeFi exploits this year.

Drift says most of the stolen assets are still traceable. Around 130,259 ETH, worth roughly $31 million, is sitting across four monitored wallets with limited movement off-chain.
About $3.36 million in USDC has already been frozen. The protocol says legal efforts to seize and return additional funds are ongoing.
Drift launched a public bounty offering 10% of any recovered assets to incentivize outside help in tracking down the stolen funds.
Users affected by the hack will be issued recovery tokens. Each token represents $1 of verified loss and can be redeemed against a growing recovery pool.
The pool starts with around $3.8 million in remaining protocol assets. Tether has pledged up to $127.5 million tied to performance milestones, and other partners have committed up to $20 million more.
Once the pool reaches $295.4 million, tokens can be redeemed at full value. Users who don’t want to wait can redeem early at a discount once the pool passes $5 million.
Drift earned $19 million in revenue in 2025. If Tether and partners deliver on their pledges, the timeline shortens. Without those commitments, full repayment could take close to eight years.
Recovery tokens will be transferable, allowing users to sell their claims rather than wait for the pool to fill.
All key elements of the recovery plan still need approval from Drift token holders through a governance vote.
Drift plans to relaunch before July 2026 as a narrower, security-focused exchange. The new version will focus only on perpetual futures trading and run on slimmed-down code.
The protocol will accept fewer collateral types and limit trading to the most liquid assets, which reduces the attack surface available to future exploits.
New security measures will include multisig controls, time-locked operations, key rotation and mandatory quarterly security training for administrators.
Drift will pause development on its mobile app and a new liquidity model it announced just three months before the hack.
The Drift token was trading just under $0.04 before and after Tuesday’s announcement, with little market reaction to the news.
Drift’s announcement follows a similar move by Aave, which is leading a coordinated recovery effort for Kelp DAO after a separate $280 million North Korea-linked hack.
The post Drift Protocol Got Hacked for $295M — Here’s How It Plans to Pay Users Back appeared first on CoinCentral.


