Key Takeaways:
- Drift secured $150 million to repay users after a $295-million hack drained its platform.
- The platform is switching from USDC to USDT partly due to how frozen funds were handled during the attack.
- A lawsuit against Circle and debates over freezing stolen crypto highlight growing risks in DeFi platforms.
Two weeks after one of decentralized finance’s (DeFi) largest exploits, Solana-based trading platform Drift has secured a $150-million recovery package from stablecoin issuer Tether and its partners. At the same time, the platform is replacing Circle’s USDC (USDC) with Tether’s USDt (USDT) as its main settlement currency for trades on the platform.
On 1 April 2026, a six-month social engineering scheme culminated in hackers draining approximately $295 million from Drift’s vaults (according to the company’s official update). Blockchain analytics firm Elliptic linked the attack to North Korean state-affiliated actors. Vaults are software programs that store user funds on the blockchain.
Today, Drift is announcing a collaboration with @tether and other partners totaling up to nearly $150 million to support our commitment to a relaunch with USDT at the center, and a path to user recovery.
These funds encompass a $100M revenue-linked credit facility, an ecosystem…
— Drift (@DriftProtocol) April 16, 2026
The attackers posed as a trading company to infiltrate Drift’s team and then exploited Solana’s durable nonce feature — a mechanism that lets transactions be approved in advance and executed later. This helped them bypass Drift’s multi-signature security system (which normally requires multiple approvals before transactions can be processed) and ultimately empty the platform’s core vaults.
A recovery tied to platform revenue
Of the $150 million, Tether will contribute up to $127.5 million, with other undisclosed partners adding $20 million. The repayment plan is tied to Drift’s future activity after relaunch. A portion of the platform’s trading revenue will be directed into a dedicated recovery pool, which will gradually compensate affected users.
To support this, Drift plans to issue a separate, transferable recovery token to impacted users. This token represents a claim on future payouts from the recovery pool. It is separate from Drift’s existing governance token, DRIFT, which is used for voting on platform decisions.
Before reopening fully, Drift will undergo two independent security audits conducted by OtterSec and Asymmetric Research. The platform is also introducing a new, community-governed multi-signature system that uses dedicated signing devices and requires external verification for every transaction, aiming to reduce the risk of similar attacks.
Recovery Pool: During the initial phase of the collaboration, a substantial portion of exchange revenue, together with committed support capital, is intended to fund this dedicated user recovery pool. Drift has also been actively working with law enforcement and blockchain…
— Drift (@DriftProtocol) April 16, 2026
Learn More: What is a Seed Phrase?
Why Drift is dropping USDC for USDT
As part of its relaunch, Drift will move more than 128,000 users and 35 ecosystem teams (projects built around Drift) to USDT-based trading on Solana. The switch follows widespread criticism of Circle — USDC’s issuer — for not freezing stolen funds during the attack.
On-chain investigator ZachXBT said the attackers moved approximately $232 million in USDC from Solana to Ethereum through Circle’s own cross-chain bridge (a tool for transferring tokens between different blockchains) across more than 100 transactions over six hours, with no funds frozen.
3/ On April 1, 2026, Drift Protocol was exploited for $280M.
The exploiter used CCTP to bridge 232M+ USDC from Solana to Ethereum across 100+ transactions over six consecutive hours. 10+ additional DeFi protocols across the Solana ecosystem were indirectly impacted.
Despite the… https://t.co/RLDwKghzjo
— ZachXBT (@zachxbt) April 3, 2026
At a 13 April 2026 press conference in Seoul, South Korea, Circle CEO Jeremy Allaire stated the company only freezes wallets when directed by law enforcement or the courts and that private companies making such calls independently create a serious ethical problem.
By contrast, Tether has taken a more proactive approach in similar cases, often freezing funds linked to hacks and illegal activity. Examples include $3.29 million frozen after the 2026 Rhea Finance exploit, $9 million tied to the 2025 Bybit hack, and over $225 million connected to global “pig butchering” scams.
Related: Solana-Based Trading Platform Drift Hit by $250M+ Hack; Deposits Paused
Circle faces lawsuit as scrutiny grows
Circle is now facing a class-action lawsuit filed in a Massachusetts federal court by Drift investor Joshua McCollum on behalf of over 100 affected users. The lawsuit alleges negligence and claims Circle indirectly enabled the movement of stolen funds.
Ok, pretty much everyone is mad at @circle and @jerallaire for not freezing the ~$230M in USDC the @DriftProtocol hacker bridged from Solana to Ethereum after the $285M exploit. Let me steelman why it was actually the right call 🧵
1. "Code is not law, but law is not law… https://t.co/eKOXzCSMGz
— Lorenzo Valente (@LorenzoARK) April 16, 2026
Not all observers agree with this view. Lorenzo Valente, director of digital assets research at ARK Invest, argued publicly that freezing wallets without legal orders could turn such decisions into subjective judgment calls, introducing a different set of risks for the industry.
