Drift Protocol, the Solana-based perpetual futures exchange, disclosed on April 1, 2026 that it was experiencing an active exploit, with on-chain analysts estimating over $270 million in assets were transferred to a wallet beginning with HkGz4K. The protocol immediately suspended deposits and withdrawals as DRIFT tokens fell nearly 25% within hours.
<h2>What Happened in the Reported Drift Protocol Exploit</h2>
Drift Protocol confirmed the attack in a public statement on April 1, noting it was coordinating with multiple security firms, bridges, and exchanges to contain the incident. Deposits and withdrawals were suspended while the team assessed the damage.
On-chain analytics firm Lookonchain was among the first to flag the suspicious activity, identifying wallet <code>HkGz4KmoZ7Zmk7HN6ndJ31UJ1qZ2qgwQxgVqQwovpZES</code> as the destination for what it described as over $270 million in transferred assets. The full scope of the loss has not been independently reconciled across all reported transactions.
Solana blockchain records show at least two large transfers into a token account owned by the HkGz4K wallet. One transaction moved <a href="https://explorer.solana.com/tx/2uGwwa9tKyq3QHNKLN31akFXo1oDyNEehsjUSQg7LBd9EqkpDpf3CQnqWiE7WFZMcogRCeb3FSYLmr3njvckE1dB" target="_blank" rel="noopener">26,073,680 units</a> of a token mint into the account, raising its balance to exactly 49,000,000 units. A prior transaction had already deposited 11,544,288 units into the same account.
<div class="on-chain-data" style="background:#0d0d17;border-left:3px solid #ab47bc;padding:16px 20px;margin:20px 0;border-radius:4px;">
ON-CHAIN DATA
<ul style="margin:0;color:#e6edf3;">
<li>Transaction: 2uGwwa&#8230;E1dB</li>
<li>Amount: 26,073,680.249748 units of mint EAbAnw&#8230;pump</li>
<li>Destination: Token account EQ5ukT&#8230;6QeU, owned by HkGz4K&#8230;</li>
<li>Resulting balance: 49,000,000 units</li>
<li>Timestamp: April 1, 2026, 21:05 UTC</li>
</ul>
</div>
According to unconfirmed reports from early media coverage, the asset-by-asset breakdown included 41.72 million JLP, 51.616 million USDC, 125,000 WSOL, and 164,349 cbBTC, with Drift vault holdings reportedly falling from $309 million to $41 million. These figures have not been independently verified transaction by transaction.
<h2>DRIFT Token Crashed as Fear Spiked Across Markets</h2>
Helius CEO Mert Mumtaz was among the earliest prominent voices to raise the alarm publicly, warning users to monitor their positions before Drift had issued its official confirmation.
<blockquote class="twitter-tweet" style="margin:20px 0; padding:16px 18px; background:#170d1a; color:#f3f4f6; border:1px solid #ab47bc; border-radius:12px; margin:20px 0; padding:16px 18px; background:#170d1a; color:#f3f4f6; border:1px solid #ab47bc; border-radius:12px">
not 100% fully certain yet, but it seems drift might be getting exploited
monitor your positions <a rel="noopener" target="_blank" href="https://t.co/xaHqJNDHg2">https://t.co/xaHqJNDHg2</a>
&mdash; mert (@mert) <a rel="noopener" target="_blank" href="https://twitter.com/mert/status/2039391990073176258?ref_src=twsrc%5Etfw">April 1, 2026</a></blockquote>
Source: @mert on X
The market reaction was swift. DRIFT traded at $0.05107, down 24.83% over 24 hours, with roughly $29.09 million in trading volume as sellers rushed to exit positions.
<figure style="margin:24px 0;"><img decoding="async" src="https://tokentopnews.com/wp-content/uploads/2026/04/tokentopnews__coinmarketcap__price-chart-5.jpg" alt="CoinMarketCap price chart for Top 5 News for 24 Hour: - 1. Drift Protocol exploited, $270M assets transferred to HkGz4K. → 👁 531 | ❤️ 0" style="width:100%;border-radius:6px;" / onerror="this.onerror=null;this.src='/images/default-thumb.svg'"><figcaption style="text-align:center;color:#888;font-size:13px;margin-top:8px;">CoinMarketCap market data view included to frame the latest move in Drift Protocol.</figcaption></figure>
DRIFT&#8217;s market capitalization fell to approximately $29.68 million. The broader crypto Fear and Greed Index sat at 8, firmly in &#8220;Extreme Fear&#8221; territory, reflecting the sharp negative sentiment surrounding the incident.
If the reported $270 million figure holds, this exploit would rank among the largest DeFi security breaches in 2026 and one of the most significant on Solana to date. The scale of the transfer, combined with the speed at which vault assets reportedly drained, underscores the concentrated risk in permissionless lending and trading protocols.
<h2>What to Watch as the Investigation Develops</h2>
The most critical next step is an official post-mortem from Drift Protocol detailing the attack vector, confirmed losses, and any recovery path. As of publication, the team has confirmed the attack and suspended platform activity but has not released a full incident report.
On-chain investigators and security firms are expected to trace the movement of funds from wallet HkGz4K to determine whether assets have been bridged to other chains, swapped through decentralized exchanges, or moved to centralized platforms where they could potentially be frozen.
Users with open positions or funds deposited in Drift vaults should watch for official communications regarding the timeline for resuming withdrawals. Drift stated it was coordinating with exchanges and bridge operators, which could indicate efforts to blacklist the attacker&#8217;s addresses and recover funds.
Until the protocol publishes a confirmed loss figure and technical breakdown, the over $270 million estimate should be treated as a preliminary number reported by on-chain analysts, not a final accounting. The gap between early estimates and confirmed losses in DeFi exploits can be significant in either direction.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.

Drift Protocol Exploited: $270M Assets Sent to HkGz4K

What to Watch as the Investigation Develops

Related Articles