Home
Cryptocurrency
Cryptocurrency News
Drift Exploit Claims Its First Victim as DeFi Protocol Carrot Shuts Down

Drift Exploit Claims Its First Victim as DeFi Protocol Carrot Shuts Down

Carrot's TVL was around $28 million (roughly Rs. 266 crore) before the Drift hack; it currently stands at $1.99 million.

Written by Rahul Dhingra, Edited by Manas Mitul | Updated: 1 May 2026 16:06 IST

Drift Exploit Claims Its First Victim as DeFi Protocol Carrot Shuts Down

Photo Credit: Unsplash/FlyD

Carrot team has assured users that they would not suffer from the exchange's closure

Click Here to Add Gadgets360 As A Trusted Source

Highlights

Users asked to withdraw funds before the May 14 deadline
Protocol’s TVL dropped sharply after the Drift exploit
Drift attack linked to DPRK-affiliated group UNC4736

Carrot, a Solana-based decentralised finance yield protocol, announced it was permanently shutting down operations, making it one of the first victims of the fallout from the Drift Protocol exploit in early April. In a post on X, Carrot stated that the Drift Protocol exploit was catastrophic and had left it financially bleeding and unable to continue. The platform has set May 14 as the deadline for users to withdraw their remaining funds. The platform will continue to assist in recovery procedures related to Drift and transfer assets when they are available.

Protocol Gives Users Withdrawal Deadline Amidst Recovery

Carrot was earlier incorporated into Drift's infrastructure and later on used its pools to generate yield for its users. Although Carrot's Total Value Locked (TVL) collapsed after the Drift Protocol hack. As per the data from DeFiLlama, Carrot's TVL was around $28 million (roughly Rs. 266 crore) before the Drift hack; it currently stands at $1.99 million (roughly Rs. 18.9 crore), marking a decrease of roughly 93 percent. The contagion managed to spread across many affiliated projects such as the yield protocol Gauntlet, the lending and borrowing platform PrimeFi, and the crypto fund Elemental DeFi.

Bitcoin Nears $77,000 as Stable Liquidity Conditions Support Market

Cryptocurrency Discussion

Explore More...

1/ Carrot is shutting down

This is certainly not the outcome we wanted, but the situation with the Drift exploit, has proven to be catastrophic for our continued operations.
— Carrot (@DeFiCarrot) April 30, 2026

In the post on X, the Carrot team assured users that they would not suffer from the exchange's closure. It said, “Your deposited funds are still yours, but all leverage will be reduced to zero, freeing up all liquidity for CRT redemption [...] Any recovery effort by Drift will still be distributed as stated previously.” The crypto firm also added, “Winding down is a hard decision for all of us who have poured so many hours and resources into Carrot.”

Last month, Drift Protocol fell prey to one of the biggest scams of the year, amounting to $280 million (roughly Rs. 2,600 crore). In a post on X, Drift Protocol explained that this was not a typical hack, but a months-long, highly coordinated social engineering operation. Bad actors posed as a legitimate trading firm, met the Drift Protocol executives at several crypto events. They even invested a million dollars in capital on the platform. Over time, they managed to trick team members into interacting with malicious code and apps, likely compromising their devices and gaining access to critical systems. This operation was linked to a DPRK group called UNC4736.

Another DeFi protocol called Kelp was also on the list of growing victims of scams this year, but in the aftermath, certain DeFi protocols came together and formed an alliance to restore the backing on Restaked Ether (rsETH). The Decentralised platform Aave has called this effort “DeFI United”. Crypto protocols involved in this operation include Mantle, EtherFi Foundation, Golem Foundation, Lido DAO, Ethena, LayerZero, Ink Foundation, and Tyrdo.

Cryptocurrency is an unregulated digital currency, not a legal tender and subject to market risks. The information provided in the article is not intended to be and does not constitute financial advice, trading advice or any other advice or recommendation of any sort offered or endorsed by NDTV. NDTV shall not be responsible for any loss arising from any investment based on any perceived recommendation, forecast or any other information contained in the article.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Cryptocurrency, DeFi hacks, Crypto Scams, Regulations, Carrot

Rahul Dhingra

Email Rahul Dhingra

Rahul Dhingra is a crypto writer at Gadgets 360, where he covers the exciting world of Cryptocurrency, Blockchain, Defi and Web3. Before joining Gadgets 360, he worked as a content specialist for a European-based Crypto Exchange. Rahul loves storytelling, not just through the written word but also through the visual medium. Beyond his professional life, Rahul is a sports fanatic. Whether it’s cricket or football, his passion for the game is contagious. More