Stay informed with free updates
Simply sign up to the Cryptocurrencies myFT Digest — delivered directly to your inbox.
Hackers have stolen $280mn from the coffers of an unregulated crypto exchange, just as trading of crypto-based derivatives has surged in popularity.
Drift, the largest so-called perpetual futures exchange on the Solana blockchain, said it had fallen victim to an attack launched on Wednesday, with the amount stolen representing about half the total US dollar value on deposit with the exchange.
Perpetual futures are derivative contracts with no expiration that are used by cryptocurrency traders to speculate on asset prices that have surged in trading volume over the past year.
“This was a highly sophisticated operation that appears to have involved multi-week preparation and staged execution,” the company said in a series of posts on X on Thursday.
Drift said it had been forced to freeze customer funds while it works to contain the fallout.
Perpetuals have become much-traded in decentralised finance, a lightly-regulated corner of the cryptocurrency market. Crypto traders like the relative ease of betting with perpetuals and the ability to lever those bets for bigger profits.
Drift and the Solana Foundation did not respond to requests for comment.
The growth of perpetual trading has come with the rise of a new generation of exchanges, such as Hyperliquid. Volumes of these derivatives traded on Hyperliquid grew 420 per cent to $2.93tn in 2025 from the previous year, according to data from DefiLlama.
Hyperliquid and other such exchanges offer perpetuals trading based on assets such as oil and metals 24 hours a day. Weekend trading on Hyperliquid has increased after the Iran war as retail traders have sought ways to trade oil-related risk while traditional exchanges such as CME and ICE are shut.
“Inevitably, people want to trade” on weekends, said Mike Cahill, chief executive at Douro Labs.
Crypto perpetuals are not yet authorised for trading in the US. The newest chair of the US derivatives regulator, Michael Selig, has announced plans to approve them in the coming weeks.
Hackers used sophisticated methods to take control of the protocol by manipulating people with access to key wallets, the company said.
The tactics resemble a 2025 attack on exchange Bybit, in which North Korean hackers stole $1.5bn of cryptocurrency.
In total, North Korean hackers stole $2.02bn in cryptocurrency in 2025, a 50 per cent increase from the prior year, according to data from Chainalysis.
Bybit used emergency loans at the time to ensure users could access and withdraw funds. Drift, a much smaller and less profitable exchange, has been forced to freeze user funds.
“When you’re dealing with a smaller exchange that’s less well-capitalised, you’re taking a fair bit of risk,” said Cahill at Douro Labs. “It’s as simple as that.”
Drift said hackers appeared to have planned the attack for weeks and executed it in a matter of hours.
“Please do not deposit funds into the protocol while we investigate. This is not an April Fools joke,” the company said on X.