Rewards Hub Ledger CTO Charles Guillemet has clarified that the recent hack on Drift Protocol was not due to a smart contract vulnerability but rather a compromise of the protocol's multisig mechanism. The attackers allegedly infiltrated the devices of multisig holders or stole sufficient private keys, misleading operators into approving malicious transactions. This method mirrors a previous attack on Bybit, suspected to involve North Korean hackers. A significant amount of the stolen funds has been transferred to wallets controlled by the hackers. Guillemet urges the industry to enhance endpoint detection capabilities and adopt hardware-backed plaintext signatures to mitigate such operational security risks.
Drift Protocol Hack Attributed to Multisig Exploit, Not Smart Contract Flaw
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.