Drift Secures $148M from Tether to Recover User Funds and Relaunch on USDT After $285M Exploit

Drift Protocol (DRIFT), a Solana-based decentralised perpetual futures exchange, has secured up to $148 million in recovery funding from Tether and co-investors, two weeks after suffering the largest DeFi exploit of 2026. As part of the deal, Drift will replace Circle’s USD Coin (USDC) with Tether’s USDT (USDt) as its core settlement layer when it relaunches on Solana.

Tether has proposed up to $127.5 million of the total, with additional partners contributing up to $20 million. Other investors confirmed in the round include R01 Fund LP and Framework Ventures, according to MEXC News. The funds will be used to recover user assets lost in the April 1 exploit and to fund the protocol’s relaunch as a USDT-denominated perpetuals DEX.

The decision to replace USDC with USDT is a direct consequence of Circle’s handling of the exploit. On April 1, a North Korean state-affiliated threat group, linked by blockchain security firms Elliptic, TRM Labs, and Diverg to the same actors behind the October 2024 Radiant Capital hack, drained approximately $270–$285 million from Drift’s main vault in under 20 minutes.

The attack was not a smart-contract bug. Rather, the attacker spent six months social-engineering Drift team members under the cover of a fake quantitative trading firm, secured two fraudulent approvals from Drift’s five-member Security Council multisig using Solana’s “durable nonces” feature, and used pre-signed transactions to seize protocol-level admin control in minutes.

ALSO READ: Solo Bitcoin Miner Beats 1-In-28,000 Odds, Pockets $210,000 Block Reward

In total, roughly $270.6 million in assets were drained across approximately 20 vaults, including over $60 million in USDC, $155 million in JLP tokens, $5.65 million in USDT, $4.4 million in Wrapped Bitcoin, and a range of other assets, according to on-chain data cited by Bitcoin Foundation. The attacker swapped the majority of stolen assets into USDC and bridged approximately $230 million from Solana to Ethereum across more than 100 transactions using Circle’s Cross-Chain Transfer Protocol (CCTP), purchasing roughly 129,000 ETH.

Circle did not freeze the funds. The attacker had deliberately avoided converting assets into USDT, reportedly on the calculated assumption that Circle would not intervene, and that proved correct. ZachXBT, the pseudonymous on-chain investigator, stated that Circle allowed millions of USDC to flow through its own bridge during US business hours for six hours without action.

Circle CEO Jeremy Allaire, speaking at a press conference in Seoul on April 13, described the decision as a “moral quandary,” stating the company can only act when legally obligated and not on independent judgment. Circle spokesperson confirmed that it freezes assets when legally required.

The episode was made more pointed by timing: just nine days before the Drift exploit, Circle had frozen USDC balances across 16 corporate wallets tied to a sealed New York civil case, disrupting exchanges, casinos, and payment processors, while taking no action on a nine-figure hack of one of Solana’s largest protocols.

Drift’s TVL fell from approximately $550 million to under $252 million in the hours following the exploit, and the DRIFT token fell more than 40%. The Solana Foundation responded on April 7 by launching STRIDE, a structured security evaluation program led by Asymmetric Research and the Solana Incident Response Network (SIRN), aimed at strengthening DeFi security across the ecosystem.

Tether confirmed the deal on April 15, 2026. Drift’s relaunch timeline has not been specified beyond readiness steps being underway.

Editorial Note: This news article has been written with assistance from AI. Edited & fact-checked by the Editorial Team.

Interested in advertising with CIM? Talk to us!