Blog

Security research, vulnerability analysis, and product updates.

Allaccess-controlai-securityanchorannouncementsaptosauditbenchmarksbest-practicesbridgechecklistci-cdconfigurationcosmoscosmwasmdefidevopserc-3525evmexploit-teardownflash-loansgovernancelstmovemultisignorth-koreaoracleproductreentrancyresearchrustsecuritysocial-engineeringsolanasoliditysuisupply-chainsvmtestingtoolingupgradesvulnerability-class
Drift Lost $285M to a 6-Month Con. The Smart Contract Was Fine.
|Odin Scan Team

Drift Lost $285M to a 6-Month Con. The Smart Contract Was Fine.

On April 1, Drift Protocol lost $285M in 12 minutes. There was no smart contract bug. The attackers spent six months getting the Security Council to pre-sign their own rug.

exploit-teardownsvmsolana
The Bybit $1.5B Hack: How a Safe Multisig Was Drained
|Odin Scan Team

The Bybit $1.5B Hack: How a Safe Multisig Was Drained

On February 21, 2025, the Lazarus Group stole $1.5 billion from Bybit in the largest crypto hack in history. The multisig was fine. The UI was not.

exploit-teardownevmmultisig