ChainCatcher reports that, according to GoPlus monitoring, the account abstraction solution Holdstation has been targeted in a supply chain attack. The attacker stole developer session tokens, bypassed two-factor authentication, and injected malicious code into application updates, resulting in user funds being stolen.
The attack caused a total loss of 462,000 USDT. The attacker’s address is 0xcbfA60B39cfAeaE475f649fB6705bD477219bF8d. The Holdstation team has suspended services, pledged to fully compensate affected users, and is working with security teams to investigate the incident. They also posted a message on-chain, hoping to encourage the attacker to return the funds through a bug bounty program.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Wormhole response: Drift was attacked—Solana’s security mechanism may have delayed some cross-chain transactions
Gate News, April 2, Wormhole issued an official response to the attack on Drift, stating that Wormhole users’ assets are not currently at risk and that the cross-chain bridge functionality can still be used normally. However, due to the built-in security mechanisms configured for Solana, some cross-chain transfers may experience delays. Wormhole’s core contributors have been in communication with the Solana ecosystem team and will continue providing support as needed.
GateNews45m ago
Loopscale: SOL Genesis vault with about $170,000 in deposits has an indirect exposure through Drift and has committed to full compensation.
Loopscale’s declaration is not directly related to Drift. Most funds are secure, with some indirect exposure. Deposits in the SOL Genesis Vault will fully reimburse users; deposit and withdrawal functionality is temporarily disabled, and will be reopened once services are restored.
GateNews49m ago
On-chain exchange Drift Protocol suffers a hack loss of $280 million—could the Solana ecosystem see a chain reaction?
Decentralized exchange Drift Protocol was hacked on April 2, resulting in losses of up to $280 million, becoming one of the largest DeFi security incidents in the Solana ecosystem. The attacker exploited a multisig vulnerability to obtain administrator keys and quickly transferred assets. Drift has paused deposits and withdrawals and has promised to continue updating the incident investigation. Security experts noted that this incident highlights the risks of high-privilege key management for DeFi protocols, urging stronger security measures to protect users’ assets.
ChainNewsAbmedia1h ago
Trust Wallet Discord short link hijacked; ZachXBT urgently warns: do not click
Trust Wallet’s Discord short link was hijacked and points to a malicious phishing server. Users should immediately stop clicking the relevant links and wait for official confirmation that they are safe. The newly released address poisoning protection feature can actively screen for potential scam addresses. Since 2025, Trust Wallet has faced multiple security challenges, so users need to take precautions.
MarketWhisper1h ago
DRIFT hacked; token plummets 28%. The hacker laundered $285 million entirely into ETH and fled
Drift Protocol draws attention after a hacking incident. The DRIFT token plunged 28% in a single day; the current price is only $0.049, down as much as 98% from its all-time high. The attacker stole $285 million after a private key leak and converted it into ETH; the service has been suspended. The incident has raised questions about the security of the Solana ecosystem, and the market is closely watching the follow-up compensation plan and investigation results.
動區BlockTempo1h ago
SlowMist Reveals the Drift Attack Chain: Multi-Signature Mechanism Change, Administrator Privileges Leaked
SlowMist analyzed the Drift Protocol hack, pointing out that the core vulnerability was that the multisig mechanism change did not include a time lock. After the attacker gained administrator privileges, they systematically extracted assets by forging tokens, manipulating oracles, and disabling security modules, ultimately stealing about 105,969 ETH. ZachXBT criticized Circle for not freezing USDC in time during this process, which had a negative impact on the industry and sparked widespread discussion.
MarketWhisper1h ago
