Solana (SOL)

During the downturn, net selling of $SOL in the futures market was very small. Additionally, OI is increasing rapidly. Investor interest is growing, and liquidity is also increasing. https://t.co/wKgYk6B2jL

$SOL's high-leverage long positions have been liquidated once again. They continue to lose funds before the bull market begins. https://t.co/SVGBTNX6rt

$280 MILLION VANISHED IN MINUTES ON SOLANA! 😱 @DriftProtocol, one of the largest perpetual futures on Solana, has just fallen victim to a sophisticated exploit. Not due to a smart contract bug. Not because of a leaked seed phrase. The attacker leveraged Durable Nonce plus social engineering to take control of the Security Council and withdraw user funds. Full explanation for beginners + 7 practical tips to keep your DeFi assets safe in the future. Is this the end of trust in multisig DeFi? Or a valuable lesson instead? 👇 Read the full article now

Drift Protocol, one of the leading perpetual DEXs on Solana, has been hacked for approximately $213M. This makes it the biggest hack of 2026 so far, and one of the largest ever on the Solana blockchain, right behind the Wormhole Bridge exploit of 2022. The full details of the attack are still unfolding, but from what I understand so far, the multisig controlling the protocol was compromised, potentially days or even weeks before the funds were actually drained. Either the attackers directly stole enough private keys to meet the multisig threshold, or, more likely, they compromised several machines belonging to multisig signers and tricked the operators into approving a malicious transaction. The signers may have believed they were signing a legitimate operation while unknowingly authorizing the drain. This modus operandi is similar to the Bybit hack last year, widely attributed to DPRK-linked actors. The pattern is becoming familiar: patient, sophisticated supply-chain-level compromise targeting the human and operational layer, not the smart contracts themselves. This is yet another wake-up call for the industry. We need to collectively raise the bar on security: - Better detection mechanisms at the network and endpoint level to catch compromised environments before they can be weaponized. - Secure key management with proper governance, hardware-backed signing, operational procedures that assume individual machines can be compromised. - Clear signing: ensuring that signers always have full, human-readable visibility into what they are actually approving. Ultimately, security is not just about code audits. It's about giving operators and users the right information at the right time, so they can make informed decisions about what they sign. Stay safe.

#Solana Hits 2024 Low as #Ethereum Gains Ground ➡️ $SOL DEX volume has dropped to $55.5B, its lowest level since September 2024, with fees plunging 42%. ➡️ Meanwhile, $ETH is gaining market share, backed by steady mainnet usage and growing Layer 2 adoption. #CoinPedia #CryptoNews #Blockchain #CryptoMarket

Couple green candles and the moon boys who bought the top were out in full force “bOttOMs IN”🤤 $SOL https://t.co/wUc8JLK7NF

Largest Treasury buyback in history just hit the tape. $15,000,000,000 in debt removed from the market in one go. They are trying to support the bond market and keep things stable. History shows that when the Treasury steps in like this risk assets catch a bid. Watching $SOL and $BTC closely for a volatility spike here.

24H Web3 News Recap #396 📰 Fear and Greed Index: 12/100 ▲ 1️⃣ Hacks & Security > Drift Protocol loses $280M in Solana's second-largest exploit on record > ZachXBT: Circle took 6 hours to freeze USDC during the live $280M Drift hack 2️⃣ Solana Fallout > DRIFT token drops 40%, TVL collapses from $550M to $247M overnight > Exploiter bridges $82M into ETH via Hyperliquid and Binance after Wormhole swap 3️⃣ BTC & Macro > Bitcoin closes worst Q1 since 2018, down 23.8% at $66,619 on April 1 > US Bitcoin spot ETFs post $496.5M Q1 outflows despite $1.32B March inflows 4️⃣ ETH & Institutional > ETH spot ETFs post $769M Q1 outflows; April 1 net $7.02M, ETHA leads at -$32.15M > SBI Holdings' B2C2 designates Solana as primary institutional stablecoin settlement network 5️⃣ AI x Crypto > Bittensor TAO up 30%+ in Q1 at $307, subnet tokens reach $1.5B valuation > Render and FET post 30%+ Q1 gains as AI sector outperforms bleeding broader market 6️⃣ Stablecoins > Stablecoin market cap hits $322B; Q1 adjusted transfer volume reaches $21.5T > Kulipa raises $6.2M seed for stablecoin card infrastructure; 120k+ cards issued 7️⃣ Regulation > US Treasury issues 87-page GENIUS Act NPRM: 100% reserves, AML/KYC, 60-day comment period > Hong Kong stablecoin licenses postponed to April or later by HKMA 8️⃣ Corporate Treasury > Genius Group liquidates all 84 BTC (~$5.7M) in Q1 to repay $8.5M debt > Public companies accumulate 62,000 BTC in Q1 per SEC filings, MicroStrategy leads 9️⃣ Funding & Deals > Keyrock reaches $1.1B valuation in Series C led by SC Ventures and Ripple > US Bitcoin spot ETF cumulative inflows reach $56B with total AUM at $87.5B

i can't stop thinking about the drift protocol hack. not because of the $280m. we've seen big numbers before. i can't stop thinking about how it happened. and what it says about everything we're building. on april 1st, while people were posting jokes, an attacker drained $280 million from drift protocol in minutes. the team had to literally tweet "this is not an april fools joke." but this didn't start on april 1st. it started on march 23rd. that's when the attacker created four durable nonce accounts. two tied to drift's own security council multisig members. two controlled by the attacker. quietly. no alarms. no flags. on march 27th, drift migrated their security council due to a routine member change. by march 30th, the attacker had already compromised a signer on the new multisig too. then on april 1st, they executed. a test transaction first. then one minute later, two pre-signed transactions fired four slots apart. admin takeover. withdrawal limits removed. a malicious asset introduced. every vault drained. jlp. sol. btc. usdc. over 15 tokens gone. the entire thing took minutes. this wasn't a bug. this wasn't a smart contract exploit. this wasn't a flash loan or an oracle manipulation. drift's own report confirms it (you can check @DriftProtocol's latest to confirm). no compromised seed phrases. no code vulnerability. this was social engineering. the attacker got 2 out of 5 multisig signers to approve transactions they didn't fully understand. used durable nonces to pre-sign them. then waited. patiently. for over a week. two signatures out of five. that was the security standing between users and $280 million. two out of five. i keep coming back to that number because this is the part that should make everyone uncomfortable. not the hack itself. the architecture that made it possible. we've seen this before. we've seen this so many times. bybit. $1.4 billion. the attacker compromised the signing infrastructure and tricked signers into authorizing malicious transactions. same concept. social engineering. not code. ronin bridge. $625 million. compromised validator keys. same story. cetus protocol. $223 million. different method but same result. hundreds of millions gone. in 2025 alone, $3.4 billion was stolen in crypto. and the pattern is almost always the same. not brilliant code exploits. not zero-day vulnerabilities. someone was tricked. a key was exposed. a human made a mistake. only 19% of hacked protocols even used multi-sig wallets. and the ones that did, like drift, got beaten anyway. because the weakest link was never the code. it was always the person holding the key. now here's what makes me angry. i've seen people dunking on solana over this. blaming svm. questioning the entire chain. the same thing happened after bybit when people started questioning evm and ethereum's security model. this is not a solana problem. this is not an ethereum problem. this is not chain-specific at all. drift's own report says it clearly. the programs and smart contracts worked exactly as designed. the chain did what it was supposed to do. a human was tricked into signing something they shouldn't have. that can happen on any chain. any protocol. any ecosystem. pointing fingers at solana is a deflection. and it's net negative for the entire space because it distracts from the real conversation we need to have. which brings me to circle. nine days before the drift hack, circle froze 16 business wallets overnight. legitimate companies. crypto exchanges. forex platforms. payment processors. no criminal charges. a sealed civil lawsuit that nobody could even read. no advance warning. businesses woke up and couldn't process payments, couldn't settle trades, couldn't serve their customers. zachxbt called it "potentially the single most incompetent freeze" he'd seen in over five years of investigations. one of the frozen wallets wasn't even a business. it was a dfinity bridge contract used by thousands of users who had nothing to do with the case. then nine days later, $280 million is being drained from drift in real time. the attacker is converting stolen tokens through jupiter, bridging them to ethereum, moving funds through circle's own cross-chain transfer protocol. and the freeze didn't come fast enough. so circle can shut down 16 legitimate businesses overnight for a civil case. but a quarter billion being actively stolen through their own infrastructure? different speed. i'm not saying circle is the villain here. i'm saying the system is broken in ways that should concern everyone. now think about who's actually affected by drift. it's not just traders. protocols are built on top of drift. neobanks integrate with defi infrastructure. real customers with no idea what a multisig even is woke up and saw they couldn't access their money. some platforms said user funds are safe. but nobody could withdraw. your money is "safe" but you can't touch it. think about what that feels like for someone who just wanted a better savings rate. i know what it feels like on a smaller scale. i lost $5,000 to social engineering. it's nothing compared to $280 million. but the feeling is the same. that moment when you realize the funds are gone and there's nothing you can do. it doesn't scale with the dollar amount. it's the same pit in your stomach whether it's $5k or $280m. and here's the question i keep circling back to. we say defi is the future. we say we're going to onboard the next billion users. we say this technology will replace traditional finance and bank the unbanked and give people financial sovereignty. but how do we onboard millions of people into a system where a social engineering attack can drain a quarter billion dollars in minutes? where 2 out of 5 signatures is considered security for $280m? where the attacker sets up wallets two weeks early, runs a test transaction, and nobody notices? where circle can freeze legitimate businesses overnight but can't stop a live heist fast enough? where the same attack, the same playbook, the same human error keeps happening year after year after year? ronin. bybit. cetus. now drift. same cause. different name. different chain. same result. defi doesn't have a code problem. it has a people problem. and we keep solving for the code. i haven't interacted with a protocol in a while. i like money. but i love safety more. and right now this space is asking me to choose between the two. security can't keep being the last conversation. it can't keep being the thing we talk about after the hack and forget about before the next one. it has to be the first priority. not the last. because right now we're not ready for the next billion users. we're barely keeping the ones we have safe.