Drift Protocol, one of the leading perpetual DEXs on Solana, has been hacked for approximately $213M. This makes it the biggest hack of 2026 so far, and one of the largest ever on the Solana blockchain, right behind the Wormhole Bridge exploit of 2022. The full details of the attack are still unfolding, but from what I understand so far, the multisig controlling the protocol was compromised, potentially days or even weeks before the funds were actually drained. Either the attackers directly stole enough private keys to meet the multisig threshold, or, more likely, they compromised several machines belonging to multisig signers and tricked the operators into approving a malicious transaction. The signers may have believed they were signing a legitimate operation while unknowingly authorizing the drain. This modus operandi is similar to the Bybit hack last year, widely attributed to DPRK-linked actors. The pattern is becoming familiar: patient, sophisticated supply-chain-level compromise targeting the human and operational layer, not the smart contracts themselves. This is yet another wake-up call for the industry. We need to collectively raise the bar on security: - Better detection mechanisms at the network and endpoint level to catch compromised environments before they can be weaponized. - Secure key management with proper governance, hardware-backed signing, operational procedures that assume individual machines can be compromised. - Clear signing: ensuring that signers always have full, human-readable visibility into what they are actually approving. Ultimately, security is not just about code audits. It's about giving operators and users the right information at the right time, so they can make informed decisions about what they sign. Stay safe.