Drift Protocol, a decentralized exchange on Solana, announced on May 20 that its Insurance Fund remains secure after a social engineering exploit allowed attackers to drain at least $440,000 from user wallets by targeting an AI agent.
“It was a social engineering exploit targeting the trust layer between automated agents—specifically an interaction between Grok and Bankrbot that allowed unauthorized transaction signing,” SlowMist founder Yu Xian said, clarifying the incident was not a flaw in the Solana network itself.
The security firm identified three attacker addresses holding a collective $440,000 in stolen crypto assets. While Drift’s core smart contracts and Insurance Fund were not compromised, the attackers targeted individual user wallets connected to third-party AI agents, with some users on social media reporting personal losses of up to $150,000. Tech entrepreneur Austen Allred confirmed a wallet connected to his Kelly Claude AI assistant project was among those drained.
The incident highlights a growing attack vector in decentralized finance, where the security of third-party integrations and AI agents can create vulnerabilities even when the underlying blockchain protocol is secure. Drift has recommended users avoid signing transactions until the protocol relaunches and advised those affected to move any remaining assets to a new, clean wallet.
The exploit on Drift Protocol, a prominent decentralized derivatives exchange on the Solana blockchain, was not a direct hack of its smart contracts but a sophisticated social engineering scheme. According to analysis from blockchain security firm SlowMist, the attackers manipulated the interaction between AI agents, including Grok and a service called Bankrbot, to gain unauthorized permission to sign transactions from users' wallets.
This distinction was echoed by Pyahm Samani, CEO of Forward Industries, a company with significant holdings in Solana. On a May 14 earnings call, Samani addressed the incident, stating, “The key point here is that the incident involving Drift was a social engineering attack, not an explicit exploit of the Solana protocol or contract code itself. A breach at a company running on AWS does not mean AWS is broken. The same logic applies here.”
In response to the attack, Drift Protocol moved quickly to reassure its users, confirming in a statement on May 20 that deposits in its Insurance Fund were not impacted and would be available for withdrawal once the platform is relaunched. The protocol has temporarily advised all users to refrain from signing any transactions.
For users whose wallets were compromised, Drift issued a series of recommendations, including ceasing use of the affected wallet, creating a new seed phrase on a secure device, and transferring any remaining funds. “Attackers often use existing approvals to drain funds,” the project warned in a statement.
The incident serves as a critical reminder of the layered risks within the DeFi ecosystem. While the core Solana network and Drift's own contracts remained secure, the vulnerability emerged from an interconnected third-party service, demonstrating that user security is only as strong as its weakest link.