I. April 1, 2026: $285 million Drift Protocol hack (Silicon Valley, U.S.)
285 Million Vanishes in 12 Minutes: The Drift Heist with a Fake TokenBy Ray Dalio | Apr 3, 2026 The frontier between a clever technical gambit and a full-blooded social engineering caper blurred into nothingness on April 1, 2026, when Drift Protocol—the grande dame of Solana’s decentralized derivatives scene—was systematically hollowed out for a cool $285 million. What began as a set of “routine maintenance” pre-signatures quickly blossomed into a catastrophic collapse of multi-sig governance, leaving the $DRIFT token in a freefall of over 38% and a once-lustrous liquidity pool now a virtual mausoleum. This wasn’t merely a bug in the code; it was a psychological masterclass that turned the protocol’s own admin keys into a prop for catastrophe, rendering it the largest DeFi breach of 2026 and the second grandest in Solana’s annals after the Wormhole fiasco of 2022. The first tremors fluttered across X (the formerly known Twitter) in the wee hours of April 1, 2026, and the community’s reaction wore pyjama sleeves—initial disbelief, followed by a rather splendid shrug at the holiday timing. Then came the official note: “We are observing unusual activity on the protocol. We are currently investigating. Please do not deposit funds into the protocol while we investigate. This is not an April Fools joke.” Before long the protocol swung the shutters shut on deposits and withdrawals, but the mischief was already afoot. Phantom’s on-site immune system sprang to action, issuing an emergency dApp warning and blocking Drift within their in-app browser to curtail further fiddling. Within a mere 12 minutes, the attacker drained roughly $285 million through 31 rapid withdrawal transactions. The operation was so smooth it bypassed the usual withdrawal throttles, as if the money had walked out wearing a pair of silent shoes.
II. January 16, 2026: $282 million social engineering attack
THE $282 MILLION HEIST: HOW A BITCOIN THEFT TRIGGERED A 36% MONERO SURGEMar 21, 2026 In one of the most significant social engineering attacks of 2026, a single crypto investor lost over $282 million in Bitcoin (BTC) and Litecoin (LTC) after being deceived by scammers impersonating Trezor customer support. The heist was executed through a sophisticated impersonation of Trezor, a leading hardware wallet provider. The scammers successfully manipulated the victim into revealing their recovery seed phrase—the "master key" to their digital wealth. This allowed the attackers to drain 1,459 BTC and 2.05 million LTC in a single swoop. The theft, revealed on January 16 by on-chain sleuth ZachXBT, didn't just devastate a private portfolio—it sent shockwaves through the privacy coin market. As the attacker aggressively laundered the stolen assets through Thorchain and into Monero (XMR) to obscure their trail, XMR experienced a massive 36% price rally, peaking near $800.