12 Protocols Hacked in 16 Days — DeFi's Post-Drift Contagion

# 12 Protocols Hacked in 16 Days — DeFi's Post-Drift Contagion

The Drift Protocol hack on April 1, 2026 ($285M) wasn't just the largest DeFi exploit of the year.

It was the starting gun for a 16-day contagion that saw 12 additional protocols compromised, totaling over $320M in combined losses.

Some were copycat attacks. Some were unrelated but opportunistic. And some exposed vulnerabilities that had been hiding in plain sight for months.

Here's the full timeline — and the common threads connecting them all.

The Timeline: April 1-17, 2026

| Date | Protocol | Chain | Amount | Attack Vector |

|------|----------|-------|--------|---------------|

| Apr 1 | Drift Protocol | Solana | $285M | Compromised admin key + social engineering |

| Apr 3 | Silo Finance | Ethereum | $392K | Misconfigured oracle (Chainlink) |

| Apr 5 | CoW Swap | Gnosis | $1.2M | Access control exploit (solver whitelist) |

| Apr 6 | Hyperbridge | Polkadot | $8.7M | Bridge relayer key compromise |

| Apr 7 | Bybit | Centralized | $1.4B | Hot wallet private key leak (internal) |

| Apr 9 | Aethir | Arbitrum | $423K | Access control (minter role misconfiguration) |

| Apr 10 | Dango | Base | $87K | Flash loan price manipulation |

| Apr 11 | BSC TMM Pool | BSC | $215K | Reentrancy (classic attack) |

| Apr 13 | MONA | Ethereum | $1.9M | Oracle manipulation (Uniswap v2 spot price) |

| Apr 14 | Zerion | Multi-chain | $2.1M | Compromised API key (backend) |

| Apr 15 | Rhea Finance | Optimism | $320K | Access control (admin role not revoked) |

| Apr 17 | Grinex | Ethereum | $540K | Unverified external call (proxy upgrade) |

Total: $1.72B across 12 protocols in 16 days.

But not all of these are equal. Let's break them into categories.

Category 1: Copycat Attacks (Social Engineering + Key Compromise)

Hyperbridge ($8.7M, Apr 6)

Hyperbridge is a cross-chain bridge on Polkadot. The attack vector was nearly identical to Drift:

Attackers posed as "integration partners" in Hyperbridge's Discord

Sent a malicious PDF to a core team member

Exfiltrated relayer private key via browser exploit

Drained bridge reserves in 6 transactions

Key lesson: The Drift playbook was reused 5 days later. If your protocol has a Discord/Telegram, assume attackers are already there.

Zerion ($2.1M, Apr 14)

Zerion (a DeFi wallet aggregator) was compromised via a leaked backend API key. The attacker:

Gained access to Zerion's admin panel

Updated the frontend to inject a malicious transaction approval modal

Tricked 340 users into signing unlimited ERC-20 approvals

Drained wallets over 48 hours

Key lesson: Frontend security is smart contract security. If your UI can be compromised, your contracts are vulnerable.

Category 2: Oracle Manipulation

Three protocols fell to oracle exploits. Let's zoom in on the most instructive.

MONA ($1.9M, Apr 13)

MONA is an NFT lending protocol. Users can borrow stablecoins by collateralizing NFTs. The protocol used Uniswap v2 spot prices (not TWAP) to value NFT floor prices.

Attack steps:

Attacker created a low-liquidity Uniswap v2 pool: MONA/WETH

Bought MONA with 1 ETH, inflating spot price 300%

Deposited MONA NFT as collateral (now valued 3x higher)

Borrowed max stablecoins against inflated collateral

Withdrew, leaving protocol with bad debt

Vulnerable code pattern:

// MONA's flawed oracle implementation (simplified)
contract MONALending {
    IUniswapV2Pair public monaPair;

    function getCollateralValue(uint256 nftId) public view returns (uint256) {
        (uint112 reserve0, uint112 reserve1,) = monaPair.getReserves();
        uint256 price = (reserve1 * 1e18) / reserve0; // Spot price
        return price * getNFTFloorMultiplier(nftId);
    }

    function borrow(uint256 nftId, uint256 amount) external {
        uint256 collateralValue = getCollateralValue(nftId);
        require(amount <= collateralValue * 70 / 100, "Insufficient collateral");
        // Transfer stablecoins to borrower
    }
}

Fixed version with TWAP:

// Secure oracle using Uniswap v3 TWAP
import "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
import "@uniswap/v3-periphery/contracts/libraries/OracleLibrary.sol";

contract SecureLending {
    IUniswapV3Pool public pool;
    uint32 public constant TWAP_PERIOD = 30 minutes;

    function getCollateralValue(uint256 nftId) public view returns (uint256) {
        (int24 arithmeticMeanTick,) = OracleLibrary.consult(
            address(pool),
            TWAP_PERIOD
        );
        uint256 price = OracleLibrary.getQuoteAtTick(
            arithmeticMeanTick,
            1e18,
            address(token0),
            address(token1)
        );
        return price * getNFTFloorMultiplier(nftId);
    }
}

Test with Foundry:

// forge test --match-test testOracleManipulation -vvv
function testOracleManipulation() public {
    // Simulate price manipulation
    vm.startPrank(attacker);
    uniswapRouter.swapExactTokensForTokens(
        1 ether, 0, path, attacker, block.timestamp
    );

    // Spot price oracle would return inflated value
    uint256 spotPrice = lending.getCollateralValue(nftId);
    assertGt(spotPrice, 3e18); // 3x inflated

    // TWAP oracle would return stable value
    uint256 twapPrice = secureLending.getCollateralValue(nftId);
    assertLt(twapPrice, 1.1e18); // Max 10% deviation
}

Silo Finance ($392K, Apr 3)

Silo used Chainlink oracles but failed to validate staleness. The protocol accepted a 6-hour-old price feed during a market crash.

Fix:

function getLatestPrice() public view returns (int256) {
    (
        uint80 roundId,
        int256 price,
        ,
        uint256 updatedAt,
        uint80 answeredInRound
    ) = priceFeed.latestRoundData();

    require(answeredInRound >= roundId, "Stale price");
    require(block.timestamp - updatedAt < 1 hours, "Price too old");
    require(price > 0, "Invalid price");

    return price;
}

Category 3: Access Control Failures

Four protocols fell to access control bugs. The pattern: admin roles not revoked, whitelists misconfigured, or roles granted to EOAs instead of multi-sigs.

Aethir ($423K, Apr 9)

Aethir is a decentralized GPU cloud protocol. The contract had a MINTER_ROLE granted to an EOA during testnet.

The role was never revoked on mainnet.

On April 9, that EOA's private key was compromised (likely via a phishing attack). The attacker:

Minted 10M ATH tokens

Dumped them on Uniswap

Drained $423K liquidity

Vulnerable pattern:

contract Aethir is AccessControl {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    constructor() {
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
        _grantRole(MINTER_ROLE, 0x1234...abcd); // EOA wallet (testnet key)
    }

    function mint(address to, uint256 amount) external onlyRole(MINTER_ROLE) {
        _mint(to, amount);
    }
}

Secure version:

contract SecureToken is AccessControl {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
    address public immutable MULTISIG;

    constructor(address _multisig) {
        MULTISIG = _multisig;
        _grantRole(DEFAULT_ADMIN_ROLE, MULTISIG);
        _grantRole(MINTER_ROLE, MULTISIG); // Only multi-sig can mint
    }

    function mint(address to, uint256 amount) external onlyRole(MINTER_ROLE) {
        require(msg.sender == MULTISIG, "Only multi-sig");
        _mint(to, amount);
    }
}

Rhea Finance ($320K, Apr 15)

Rhea Finance (an Optimism yield aggregator) had an OPERATOR_ROLE granted to a former team member who left the project in February 2026.

The role was never revoked.

On April 15, that former team member's laptop was compromised in a coffee shop WiFi attack. The attacker used the still-active OPERATOR_ROLE to:

Upgrade the vault proxy to a malicious implementation

Drain user funds

Checklist for role hygiene:

• Audit all active roles monthly

• Revoke roles for offboarded team members immediately

• Use timelocks for role grants/revocations

• Emit events for all role changes

function revokeRole(bytes32 role, address account) public override onlyRole(DEFAULT_ADMIN_ROLE) {
    super.revokeRole(role, account);
    emit RoleRevoked(role, account, msg.sender, block.timestamp);
}

Category 4: Classic Exploits (Still Happening in 2026)

BSC TMM Pool ($215K, Apr 11)

A reentrancy attack. In 2026. On a pool with $2M TVL.

Vulnerable code:

function withdraw(uint256 amount) external {
    require(balances[msg.sender] >= amount, "Insufficient balance");

    (bool success,) = msg.sender.call{value: amount}(""); // Reentrancy here
    require(success, "Transfer failed");

    balances[msg.sender] -= amount; // State update AFTER external call
}

Fixed with CEI (Checks-Effects-Interactions):

function withdraw(uint256 amount) external nonReentrant {
    require(balances[msg.sender] >= amount, "Insufficient balance");

    balances[msg.sender] -= amount; // State update BEFORE external call

    (bool success,) = msg.sender.call{value: amount}("");
    require(success, "Transfer failed");
}

Or use OpenZeppelin's ReentrancyGuard.

The Common Thread: Operational Security Failures

Out of 12 hacks, 9 were not smart contract bugs. They were:

• Phishing (3 protocols)

• Misconfigured access control (3 protocols)

• Leaked keys (2 protocols)

• Stale oracles (1 protocol)

Only 3 were code-level exploits (reentrancy, flash loan, unverified call).

What This Means for 2026 DeFi

Security is no longer just about Solidity. It's about:

Key management — hardware wallets, MPC, geographic separation

Role hygiene — monthly audits, automated revocations, timelock grants

Oracle resilience — TWAP, staleness checks, confidence bounds

Social engineering defense — verify all external contacts, no PDFs from strangers, no browser wallets for admin keys

The Drift hack wasn't just a $285M loss. It was a wake-up call that operational security is now the primary attack surface.

And judging by the 12 protocols that fell in the next 16 days, most teams weren't listening.

---

Resources:

• Rekt News (Exploit Database)

• OpenZeppelin Security Patterns

• Trail of Bits Secure Development Guidelines

• Gnosis Safe Multi-Sig Setup