The long-awaited decision regarding DRIFT, the native token of Drift Protocol, which came to the forefront of discussions following the large-scale attack in April, has arrived. Upbit, Bithumb, and Coinone, the three largest cryptocurrency exchanges in South Korea, announced they will delist the DRIFT token after a joint review. The decision is driven by both security concerns and uncertainties surrounding the project's future. According to the exchanges' statement, trading for DRIFT will cease on June 1, 2026, at 4:00 PM. The last date users can withdraw their assets from the platform is July 1, 2026. After this date, withdrawal support for DRIFT will be completely terminated.
The decision was made after a joint review process by platforms that are members of DAXA (Digital Asset eXchange Alliance), which operates in South Korea and sets common standards for crypto assets. The DRIFT token had previously been placed on a "watchlist." During this process, additional explanations and technical details were requested from the project. However, in the final evaluation, it was stated that the information provided by the project team was insufficient to address investor concerns. In addition, topics such as the project's progress, level of transparency, and risk management were examined in detail. In light of all these criteria, it was concluded that DRIFT does not meet the current listing standards.
$285 million attack undermined trust
The pressure on DRIFT stems from a major attack that occurred at the beginning of April. Drift Protocol, one of the largest perpetual futures trading platforms in the Solana ecosystem, suffered a loss of approximately $285 million on April 1st.
The attack was carried out using social engineering methods rather than a classic smart contract vulnerability. It was revealed that the attackers manipulated the platform's Security Council for weeks by posing as a legitimate quantum trading firm and drained funds through pre-signed transactions. The fact that the entire process was completed in just 12 minutes made the scale of the event even more striking.
Chain reaction in DeFi: $606 million lost
Just 17 days after the drift attack, KelpDAO's rsETH bridge was also targeted. This attack resulted in the loss of approximately $292 million in assets. Thus, a total of $606 million was withdrawn from the DeFi ecosystem in the first 18 days of April.
In the second attack, it was stated that the attackers manipulated the LayerZero infrastructure by creating fake cross-chain messages and enabled the release of reserves. Then, the use of the stolen assets as collateral on Aave triggered panic selling in the market. As a result of these developments, the total value locked (TVL) in DeFi decreased by $13 billion in just 48 hours. Data shows that for every $1 stolen, users withdrew approximately $20 from the system. This indicates that the loss of trust went far beyond the technical damage.
