News
2 Apr 2026, 11:24
Ledger CTO Urges Community to Increase Crypto Security After Recent Solana Dex Hack

The Ledger CTO has reflected on today’s Drift Protocol hack, saying it’s a wake-up call for the whole crypto space.
2 Apr 2026, 11:15
Drift Hack Exposes Alarming Multisig Vulnerability: Ledger CTO Reveals Chilling Parallels to Bybit Attack

BitcoinWorld Drift Hack Exposes Alarming Multisig Vulnerability: Ledger CTO Reveals Chilling Parallels to Bybit Attack In a chilling revelation that has sent shockwaves through the cryptocurrency community, Ledger’s Chief Technology Officer Charles Guillemet has identified disturbing similarities between the recent $285 million Drift protocol hack and February 2025’s devastating $1.4 billion Bybit attack, exposing critical vulnerabilities in multisig wallet security systems that protect billions in digital assets worldwide. Drift Hack Investigation Reveals Multisig Compromise Pattern Security analysts immediately began investigating the Drift protocol breach after the platform reported missing funds on March 15, 2025. The decentralized perpetual futures exchange confirmed the theft of approximately $285 million in various cryptocurrencies from its treasury. Furthermore, blockchain forensic firms quickly traced the stolen assets across multiple wallets. Meanwhile, Charles Guillemet, CTO of hardware wallet manufacturer Ledger, published a detailed technical analysis on social media platform X. He specifically identified the attack vector as likely involving the protocol’s controlling multisig wallet. Guillemet explained that multisig wallets require multiple cryptographic signatures to authorize transactions. This security feature typically prevents single points of failure. However, sophisticated attackers can still bypass these protections through coordinated social engineering campaigns. The cryptocurrency industry has experienced numerous high-profile attacks in recent years. Consequently, security experts constantly develop new defensive strategies. The table below illustrates how multisig attacks have evolved: Attack Method Typical Target Average Loss Prevention Difficulty Private Key Theft Individual Wallets $5-50M Medium Smart Contract Exploit Protocol Code $10-100M High Multisig Compromise Treasury/Governance $100M+ Very High Bridge Attack Cross-Chain Assets $50-200M Extreme Bybit Attack Methodology Resurfaces in Drift Incident Guillemet’s analysis draws direct parallels to the February 2025 Bybit exchange hack that resulted in approximately $1.4 billion in cryptocurrency losses. That attack similarly targeted the exchange’s multisig wallet infrastructure. According to blockchain security firm CertiK’s report on the Bybit incident, attackers employed a multi-stage approach. First, they conducted extensive reconnaissance on key personnel. Next, they deployed sophisticated malware to compromise multiple devices. Finally, they executed carefully timed transaction approvals. The attackers reportedly monitored their targets for several weeks before initiating fund transfers. This extended reconnaissance period allowed them to understand approval workflows and identify optimal timing. Security researchers have identified several common characteristics in both attacks: Extended reconnaissance periods lasting weeks before fund extraction Multi-device compromise targeting several authorized signers simultaneously Transaction camouflage making malicious transfers appear routine Social engineering convincing signers to approve unauthorized transactions Infrastructure targeting focusing on administrative rather than technical systems Expert Analysis of Multisig Security Vulnerabilities Blockchain security experts emphasize that multisig wallets represent both a strength and vulnerability in decentralized systems. While requiring multiple signatures significantly improves security over single-key arrangements, the human element introduces new attack surfaces. According to Dr. Sarah Chen, cybersecurity researcher at Stanford University’s Blockchain Security Lab, “Multisig implementations create distributed trust models that are mathematically sound but psychologically vulnerable. Attackers increasingly focus on compromising the individuals who control signatures rather than breaking cryptographic algorithms.” The cryptocurrency industry has implemented various multisig configurations with different security trade-offs. Most enterprise implementations use 3-of-5 or 4-of-7 signature schemes. These configurations balance security with operational practicality. However, each additional signer increases the attack surface for social engineering campaigns. Security audits frequently identify procedural weaknesses rather than technical flaws in multisig implementations. Regular security training and strict operational procedures can mitigate these risks significantly. Cryptocurrency Industry Responds to Escalating Threats The consecutive multibillion-dollar attacks on Bybit and Drift have prompted urgent security reassessments across the cryptocurrency sector. Major exchanges and DeFi protocols have announced enhanced security measures in response. Binance, Coinbase, and Kraken have all implemented additional verification layers for treasury transactions. Several leading DeFi protocols have temporarily increased their multisig signature requirements. Others have implemented time-lock features for large transactions. The industry-wide response reflects growing recognition that traditional multisig implementations require substantial reinforcement. Blockchain analytics firm Chainalysis reports that cryptocurrency thefts reached $3.8 billion in 2024. This represents a 15% increase from the previous year. Multisig and bridge attacks accounted for approximately 68% of total losses. The firm’s 2025 Crypto Crime Report highlights several concerning trends. Attack sophistication continues to increase rapidly. Social engineering campaigns are becoming more targeted and persuasive. Recovery rates for stolen funds remain below 20%. These statistics underscore the urgent need for improved security frameworks throughout the industry. Conclusion The Drift hack investigation reveals critical vulnerabilities in current multisig security implementations that mirror the earlier Bybit attack methodology. Ledger CTO Charles Guillemet’s analysis provides valuable insights into how sophisticated attackers compromise multiple signers through extended social engineering campaigns. The cryptocurrency industry must develop more robust multisig frameworks that address both technical and human vulnerabilities. Enhanced security education, improved verification procedures, and advanced transaction monitoring represent essential components of comprehensive defense strategies. As digital asset values continue growing, protecting multisig wallets from similar attacks remains paramount for ecosystem security and investor confidence. FAQs Q1: What is a multisig wallet and why is it vulnerable? A multisig wallet requires multiple cryptographic signatures to authorize transactions, providing enhanced security over single-key wallets. However, it becomes vulnerable when attackers compromise multiple signers through social engineering or malware, allowing them to obtain the necessary approvals for unauthorized transactions. Q2: How did the Drift hack compare to the Bybit attack? Both attacks targeted multisig wallet infrastructure using similar methodologies involving extended reconnaissance, multi-device compromise, and social engineering to obtain unauthorized transaction approvals. The Bybit attack resulted in approximately $1.4 billion in losses, while the Drift hack involved about $285 million. Q3: What security measures can prevent similar multisig attacks? Enhanced security measures include mandatory security training for all signers, hardware security modules for key storage, transaction monitoring with anomaly detection, multi-factor authentication for approval processes, and implementation of time-lock features for large transactions. Q4: How long do attackers typically monitor targets before executing multisig attacks? According to security analyses of both the Bybit and Drift incidents, attackers often conduct reconnaissance for several weeks before initiating fund transfers. This extended period allows them to understand approval workflows, identify optimal timing, and potentially compromise multiple signers. Q5: What percentage of stolen cryptocurrency funds are typically recovered after such attacks? Blockchain analytics indicate that recovery rates for stolen cryptocurrency funds remain below 20% across major incidents. The pseudonymous nature of blockchain transactions, cross-chain asset transfers, and mixing services make fund recovery exceptionally challenging despite improved tracing capabilities. This post Drift Hack Exposes Alarming Multisig Vulnerability: Ledger CTO Reveals Chilling Parallels to Bybit Attack first appeared on BitcoinWorld .
2 Apr 2026, 11:11
DRIFT Hacked: 280M$ Loss and Price Collapse

Solana DEX Drift Protocol hacked for $280M. Funds stolen via durable nonces exploit, price dropped 42%. Attacker took 130K ETH. Potential additional $200M at risk. Technical analysis: RSI 21, S1 $0...
2 Apr 2026, 11:10
Vitalik Buterin wants to move your AI off the cloud and onto your desktop

Vitalik Buterin says that the only secure way to move forward is to keep artificial intelligence on your personal devices. He points out new “agent” systems that present considerable security threats. The Ethereum founder has stopped using cloud-based artificial intelligence. He runs everything on his own machines now. And he wants other people to do the same. He put out a long post on April 2, 2026. In it, he said he has been building an AI setup that he calls “self-sovereign, local, private, and secure.” He says his worry is real. “I come from a position of deep fear of feeding our entire personal lives to cloud AI,” he wrote. “Just when end-to-end encryption and local-first software are finally becoming mainstream… we may be taking ten steps back.” Since the beginning of 2026, he has been advising people to switch to this. He sees it as a means of resisting the longstanding move toward centralized tech services. Why AI agents worry Vitalik Buterin A significant factor in his change of heart is that AI is no longer what it once was. It is more than just a chatbot that provides answers. AI systems can now act as “agents,” which means they use hundreds of tools to finish tasks on their own. However, Buterin believes people aren’t taking the security risks of this shift seriously enough. To support this, he pointed to research on tools like OpenClaw . These studies found that AI agents can change important computer settings or messaging channels without asking you first. For example, a hacked website could trick an AI agent into downloading and running a harmful script, giving a stranger complete control over your computer. The research also showed that about 15% of the “skills” these agents use contain hidden commands. Those commands quietly send user data to outside servers. Shahaf Bar-Geffen runs a crypto company called COTI. He put the privacy problem this way: “Without privacy, Web3 is doomed to be a kind of castle in the sky that sounds great in theory, but in practice simply doesn’t work.” How he built his local setup Buterin’s solution is to keep everything local for better privacy and security. He tested different hardware setups using a model called Qwen3.5:35B. These tests showed that anything under 50 tokens per second is too slow to be useful and just “too annoying.” For his own work, he found that 90 tokens per second is the ideal speed. Of the machines he tested, the NVIDIA 5090 Laptop was the top performer, reaching 90 tokens per second. On the other hand, the DGX Spark, which is marketed as a personal supercomputer, only managed 60 tokens per second. Buterin called it “lame,” pointing out that a high-end laptop offered a superior experience. A comparison of processing speeds across different hardware setups for running local AI models. Source: Vitalik Buterin He uses NixOS for software and runs llama-server in the background. He also employed a tool named bubblewrap, which generates isolated environments to restrict the AI’s access to specific files. He said he sees artificial intelligence as something useful, but not fully trustworthy, similar to how Ethereum developers treat smart contracts. As the local models are not as good as the cloud ones when it comes to harder reasoning tasks, he has built in some practical workarounds. One is a 2-of-2 confirmation approach where the AI drafts something, for example, an email or a transaction, but nothing goes out until a person signs off on it. He also keeps a 1 TB folder of Wikipedia data locally so he can look things up without sending queries out to the internet. When he needs to use a remote model, he passes the request through a local model so that it can filter out any sensitive information. Some people cannot afford their own setup. For them, Buterin suggested that they work together with a small group to buy a shared computer with a stable internet and access it remotely. Since artificial intelligence is everywhere now, he thinks being cautious is just common sense. He believes that keeping things local, using sandboxes, and not trusting the system are just practical ways to stay in control of your own digital life. If you want a calmer entry point into DeFi crypto without the usual hype, start with this free video.
2 Apr 2026, 10:13
Drift explains $280M exploit as critics question Circle over USDC freeze

Drift said a durable nonce attack helped drive its Solana exploit, as critics questioned why stolen USDC moved for hours without a freeze.
2 Apr 2026, 09:53
Solana Price Prediction: $200M Exploit and 5.5% Drop

SOL USD is bleeding. Solana price is at $78, down almost 6% in the day, extending a brutal 11% weekly decline that marks the steepest drop among major crypto coins, after an ugly prediction popped post Trump’s comment on Iran war. Drift Protocol, one of Solana’s premier perpetual trading platforms, confirmed a devastating exploit today. A malicious actor gained unauthorized access through a novel attack involving durable nonces, executing a rapid takeover of Drift’s Security Council administrative powers. JUST IN: Drift Protocol on Solana suffers suspected $200M+ exploit, with nearly 980,000 SOL drained from the protocol according to on-chain monitoring. — MSB Intel (@MSBIntel) April 1, 2026 Estimated losses sit at above $200 million, making this one of the largest hacks in Solana’s ecosystem since 2022. The platform confirmed the breach directly, and on-chain data has since shown accelerating outflows across the network. Discover: The best crypto to diversify your portfolio with Can Solana Price Recover Above $85 Despite the Bearish Prediction? SOL is in breakdown mode. The $78 support zone is a level that has historically attracted accumulation but now risks becoming a ceiling if bulls fail to reclaim it quickly. Resistance clusters at $85, the prior week’s high, with the all-time high of $293 now a distant 73% above current levels. Volume is elevated, with 24-hour trading volume hitting $5.2 billion, signaling panic selling. High-volume drops of this magnitude often produce violent bounces, but only after capitulation completes. Total value locked on Solana fell to $6.544 billion, with major protocols Jito (-4.3%), Raydium (-4.33%), and Sanctum (-3.83%) all posting outflows. DEX volumes have declined 40% since January. It’s just not good for Solana at the moment. SOL USD, Tradingview For Solana holders, the best scenario is for Bitcoin to stabilize above $65,000, Drift Protocol publishes a credible recovery plan, and SOL reclaims $85, opening a path toward $95–$100 within two weeks. But if $78 support fails on sustained volume. Next meaningful floor sits near $65, a level that would push SOL’s year-to-date loss beyond 50%. Discover: The best pre-launch token sales Maxi Doge Targets Early Mover Upside as Solana Tests Key Levels When a top- 10 asset drops 13% in a week, and a major DeFi platform loses $200 million overnight, the question isn’t whether confidence is shaken; it’s where rotational capital goes next. Some traders have been answering that question with early-stage presales, where entry prices sit far below any meaningful market cap pressure. Maxi Doge ($MAXI) is one presale absorbing that interest. Built on Ethereum as an ERC-20 meme token, the project leans hard into a 240-lb canine juggernaut persona, think gym-bro culture applied to leverage trading, with the tagline “Never skip leg-day, never skip a pump.” The mechanics underneath the meme are structured: holder-only trading competitions with leaderboard rewards, a Maxi Fund treasury allocated to liquidity and partnerships, and a dynamic staking with 66% APY bonus for committed holders. Current presale price stands at $0.0002811 , with more thasn $4,7 million raised to date. For those prepared to research the position, the details are available at the official Maxi Doge presale page . This article is not financial advice. Cryptocurrency investments carry significant risk. Always conduct your own research before making any investment decision. The post Solana Price Prediction: $200M Exploit and 5.5% Drop appeared first on Cryptonews .







































