Drift Hack Update: Attackers Contacted as Solana Ecosystem Faces Wider Impact

• Drift contacts attackers directly as exploit impact spreads across Solana
• Multiple protocols affected while recovery efforts remain uncertain after breach
• Unknown sender complicates negotiations with unexpected demand for 1000 ETH

Drift Protocol has stepped up its response after a major exploit disrupted its platform and triggered wider concerns across the Solana ecosystem. The decentralized exchange confirmed it has initiated direct onchain communication with wallets believed to be connected to the stolen funds, signaling a more assertive recovery approach as the situation continues to unfold across multiple affected platforms.

According to the update shared by the team, Drift sent onchain messages from its Ethereum address to four wallets associated with the attacker, urging them to establish contact through Blockscan chat in an effort to open dialogue and potentially negotiate the return of funds. This approach reflects a broader pattern within decentralized finance, where protocols increasingly rely on blockchain-based messaging to engage attackers while preserving anonymity and avoiding centralized intervention that may delay response efforts or complicate recovery attempts.

However, the situation has become more complex following the emergence of a separate onchain message from an unidentified sender using the ENS name readnow.eth, who claimed to know the attacker’s identity and demanded 1,000 ETH in exchange for withholding sensitive information, although these claims remain unverified.

Such parallel communications often create confusion during exploit response efforts, as multiple actors attempt to influence the attacker, which can undermine structured negotiation attempts and increase uncertainty around the authenticity of messages being exchanged.

Also Read: Riot Dumps $289M in Bitcoin as Mining Giants Shift Strategy in 2026

Expanding Impact Raises Concerns Across Solana Ecosystem

Meanwhile, the consequences of the exploit continue to spread across the Solana ecosystem, with reports indicating that at least 20 protocols have experienced exposure, highlighting how interconnected infrastructure can amplify the impact of a single security breach across multiple platforms.

Among the affected projects, the decentralized finance platform Gauntlet recorded estimated losses of approximately $6.4 million, reflecting the broader financial damage linked to the exploit and raising concerns about systemic risk within the ecosystem. Additionally, blockchain security firm Cyvers reported that no funds had been recovered within 48 hours of the incident, while suggesting that the attack likely involved a carefully staged process that unfolded over several weeks using advanced preparation techniques.

The firm noted that attackers utilized durable nonces to pre-sign transactions in advance, allowing execution at a later stage, which increased the effectiveness of the exploit while reducing the chances of immediate detection during the preparation phase. Furthermore, analysts compared the incident to previous exploits, including the Bybit case, where users unknowingly approved malicious transactions, highlighting persistent vulnerabilities tied to transaction authorization within decentralized systems.

Drift Protocol’s outreach marks a critical phase in the response process, although recovery remains uncertain as the broader impact continues to unfold across Solana, reinforcing the need for stronger safeguards and improved coordination across decentralized finance platforms.

Also Read: Ripple’s RLUSD Enters Gold Arena With Explosive New Trading Pairs

The post Drift Hack Update: Attackers Contacted as Solana Ecosystem Faces Wider Impact appeared first on 36Crypto.