DeFi Hacked Again for $292 Million, Is Even Aave No Longer Safe?

marsbitPublished on 2026-04-18Last updated on 2026-04-18

Abstract

On April 19, a major DeFi security breach occurred, resulting in the loss of approximately $292 million. The attack targeted Kelp DAO’s rsETH bridge contract built on LayerZero, with 116,500 rsETH stolen. The attacker initiated the exploit using funds from Tornado Cash and manipulated the LayerZero EndpointV2 contract to transfer the assets. Kelp DAO confirmed the incident and temporarily paused rsETH contracts across multiple networks while collaborating with security experts for investigation. Initial analysis suggests the root cause was a compromised private key on the source chain, with the contract secured by only a 1/1 validator set, making it vulnerable to a single malicious transaction. The attacker used the stolen rsETH as collateral on lending platforms—including Aave, Compound, and Euler—to borrow more liquid assets like WETH, accumulating over $236 million in debt. Aave alone accounted for $196 million of this amount. In response, Aave froze its rsETH markets and stated it would explore covering potential bad debt through its Umbrella safety module, which holds around $50 million in WETH. This incident follows another large exploit earlier in April, where Drift Protocol on Solana lost $280 million. The repeated high-value attacks raise concerns about DeFi security, even affecting major protocols like Aave. Users are advised to exercise caution, diversify holdings, and limit exposure to on-chain protocols until more robust security measures are established.

Original | Odaily Planet Daily (@OdailyChina)

Author | Azuma (@azuma_eth)

On April 19th, Beijing time, DeFi security suffered another major blow.

On-chain data shows that around 1:35 this morning, the rsETH bridge contract of Kelp DAO, the second-largest liquid staking protocol, based on LayerZero, was suspected to be exploited by hackers, resulting in a loss of 116,500 rsETH, valued at approximately $292 million.

Further tracing the on-chain records, the attacker's address received 1 ETH in initial funds from the mixing protocol Tornado Cash about 10 hours before the incident. Subsequently, this address called the lzReceive function on the LayerZero EndpointV2 contract. This call triggered Kelp's bridge contract, transferring 116,500 rsETH to another attacker address.

Approximately 2.5 hours after the incident, Kelp DAO officially confirmed the attack on X: "Earlier today, we detected suspicious cross-chain activity involving rsETH. During the investigation, we have suspended the rsETH contracts on the mainnet and multiple Layer 2s. Our auditors are working with security experts from LayerZero and Unichain to closely monitor the situation. We will keep you updated on the latest developments. Please follow official channels."

After the incident, various DeFi projects and security agencies analyzed the cause. An analysis by D2 Finance was frequently cited within the community — LayerZero Scan marked the source's counterpart as Kelp DAO, meaning the message came from a legitimately deployed counterpart contract by Kelp itself, and this path had previously recorded 308 message nonces. Therefore, the root cause of this attack is a 'compromise of the source chain private key.'

Steven Enamakel, a developer at TinyHumans AI, added that the contract was secured by only a 1/1 validator set (DVN), meaning a single erroneous transaction from the validator was sufficient to cause the issue.

Hacker Escapes via Aave, Suspected Bad Debt Incurred

Due to the limited trading liquidity of rsETH itself, the hacker's chosen escape strategy was to route through lending protocols like Aave, using rsETH as collateral to borrow more liquid wETH.

Monitoring by PeckShield Alert showed that as of 4:30 this morning, the hacker's address had deposited the stolen rsETH into lending protocols including Aave V3, Compound V3, and Euler, borrowing a large amount of WETH, with a total debt exceeding $236 million — of which Aave alone accounted for $196 million, Compound $39.4 million, and Euler only $840,000.

Following the incident, Aave promptly froze the rsETH market on Aave V3 and V4. The team subsequently issued an official statement on X: "Aave's contracts were not attacked; this attack is related to rsETH. Freezing rsETH is to prevent new rsETH deposits and collateral borrowing while the situation is assessed. We are reviewing the rsETH borrowing information on Aave that occurred after the attack and will share more details as soon as possible."

Shortly after the initial statement, Aave updated the post, adding: "If the protocol accumulates bad debt due to this incident, we will explore avenues to cover the deficit."

As of writing, the specific amount of bad debt caused by this incident is still unclear.

monetsupply.eth, Head of Strategy at Aave's direct competitor Spark, stated that if rsETH experiences a 19% discount (the stolen amount represents 19% of the total rsETH supply), Aave could potentially incur over $100 million in bad debt due to highly leveraged recursive borrowing.

However, Marc Zeller, founder of the representative Aave governance team Aave Chan Initiative (ACI) (who has announced he will leave Aave in July due to governance disagreements), offered a different perspective. Zeller initially advised users to quickly withdraw WETH from Aave V3 to avoid losses and confirmed that the USDC and USDT markets on Aave were unaffected. In response to another user's speculation that 'bad debt could reach hundreds of millions,' he stated: 'Far less than that figure.'

But Marc Zeller also mentioned that it was time to test Umbrella in a real production environment. Umbrella refers to Aave's automatic security module, essentially a pool of funds to handle bad debt. Users can deposit assets into it for higher incentives, but the pool also bears potential losses if the protocol incurs bad debt.

Aave protocol data shows that Umbrella currently holds approximately $50 million worth of WETH that could be used to address potential bad debt from this incident, but it is uncertain whether this will be sufficient to cover the shortfall.

Affected by this event, AAVE's price fell sharply by nearly 10%, trading at around 104.6 USDT at the time of writing.

Another Hundred-Million-Dollar Security Incident in April

This is not the first major security incident this month.

As early as April 1st, the Solana生态衍生品交易协议 Drift Protocol was attacked, losing up to $280 million (see 《April Fool's Joke? Drift Protocol Hacked for Over $280 Million, Possibly Becoming Solana's Second-Largest DeFi Heist》).

Afterwards, Drift Protocol directly blamed the hack on "North Korean hackers," but fortunately, institutions like Tether pledged $147.5 million for user compensation, giving users some hope for reimbursement.

Just over ten days later, another, larger hack occurred. How will this one be resolved?

Is There Any Safe Place Left in DeFi?

Security issues in DeFi are intensifying.

On one hand, there are continuous hacking incidents; on the other, there are persistent security threats posed by AI like Mythos (refer to 《Odaily Interview with Yu Xian: How Does the Leak of Anthropic's Nuclear-Grade New Model Affect Crypto Security Offense and Defense?》). For DeFi users, the previous countermeasure was to concentrate funds towards well-audited, reputable top-tier protocols. But now, even top-tier protocols like Aave, which retail users subconsciously considered extremely unlikely to have problems, are indirectly affected. Where can users move their funds?

Personally, it is currently not advisable for users to keep large amounts of funds on-chain. If there is a genuine need, please ensure proper diversification and isolation of positions.

As of writing, many details regarding this incident remain unclear. Odaily will continue to follow the developments. Please stay tuned.

Related Questions

QWhat was the total value of rsETH stolen in the Kelp DAO attack?

AThe attack resulted in the loss of 116,500 rsETH, valued at approximately $292 million.

QWhich lending protocol did the hacker use to borrow WETH using the stolen rsETH as collateral?

AThe hacker used Aave V3, Compound V3, and Euler to borrow WETH, with Aave V3 accounting for the largest debt of $196 million.

QWhat was the suspected root cause of the Kelp DAO bridge contract exploit according to D2 Finance's analysis?

AThe root cause was identified as a compromise of the source chain private key, allowing the attacker to send a malicious message from a legitimate Kelp DAO endpoint contract.

QWhat mechanism does Aave have to cover potential bad debt from this incident, and how much capital is currently available in it?

AAave has an automatic security module called Umbrella, which currently holds about $50 million in WETH to cover potential bad debt, though it's uncertain if this will be sufficient.

QHow did Aave respond immediately after the attack was discovered?

AAave froze the rsETH markets on Aave V3 and V4 to prevent new deposits and collateralized borrowing, and announced they were assessing the situation and exploring ways to cover any resulting bad debt.

Related Reads

The Billionaires Behind the Most Expensive Midterm Election in History

"The Most Expensive Midterm Elections and Their Billionaire Backers" This analysis details the unprecedented scale of spending in the 2026 midterm elections, highlighting the key billionaire donors shaping the political landscape. Jeff Yass, founder of Susquehanna International Group, has contributed over $81 million, ranking third among individual donors behind George Soros ($102.6M) and Elon Musk ($84.8M). Yass is a major donor to Trump's MAGA Inc. and supports school choice and various candidates. Overall, federal committees have raised over $4.7 billion this cycle, with political ad spending projected to reach $10.8 billion. Republican-aligned groups are significantly out-raising their Democratic counterparts. "Dark money" from undisclosed sources continues to grow. The core stakes involve control of Congress and policy direction for Trump's final term. Donors are also motivated by specific issues: Sergey Brin and Chris Larsen are funding opposition to a proposed California wealth tax and supporting crypto-friendly policies. Other top donors include OpenAI's Greg Brockman and his wife Anna ($50M total to MAGA Inc. and an AI-focused PAC), Richard Uihlein ($45.3M to conservative causes), venture capitalists Marc Andreessen and Ben Horowitz (each over $44M to crypto/AI PACs and MAGA Inc.), Miriam Adelson ($42.6M to GOP leadership PACs), Paul Singer ($33.9M), and Diane Hendricks ($25.8M to MAGA Inc.). The article notes that the peak fundraising period is still ahead, with major primaries approaching.

marsbit1m ago

The Billionaires Behind the Most Expensive Midterm Election in History

marsbit1m ago

The Largest IPO in History Is Approaching, Surpassing SpaceX, 28 Years of AI Self-Iteration, Countdown to Intelligence Explosion

"Anthropic Nears Trillion-Dollar IPO, Fueled by Explosive Growth and 2028 'Intelligence Explosion' Warning Anthropic is considering a deal valuing the AI company near $1 trillion, potentially leading to one of the largest IPOs ever and surpassing SpaceX. Its revenue has skyrocketed, with Annual Recurring Revenue (ARR) reaching $45 billion in May 2026—a 500% increase in just five months. This vertical growth curve is attributed to its key products, Claude Code and Cowork, dominating AI coding and enterprise collaboration. Beyond commercial success, co-founder Jack Clark issued a pivotal warning in an interview: there is a greater than 50% chance that by the end of 2028, AI systems will achieve recursive self-improvement—the ability to autonomously build a 'better version' of themselves, initiating an 'intelligence explosion.' This prophecy underpins the company's astronomical valuation, as the market prices in the potential for transformative and disruptive AI. Further signaling its ambition, Anthropic formed a $1.5 billion joint venture with Goldman Sachs and Blackstone, aiming to disrupt traditional consulting firms like McKinsey by deploying Claude AI for complex strategic work. This move tests AI's capacity to replace high-level cognitive labor, a precursor to its predicted autonomous evolution. The narrative presents a dual future: unprecedented economic opportunity alongside significant risks like economic restructuring and security threats. Anthropic's meteoric rise and Clark's 2028 prediction frame the coming years as a countdown to a potential technological singularity."

marsbit12m ago

The Largest IPO in History Is Approaching, Surpassing SpaceX, 28 Years of AI Self-Iteration, Countdown to Intelligence Explosion

marsbit12m ago

The Exquisite Self-Interest of Former OpenAI CTO Murati: Personally Handing Over the Knife and Then Being the First to Seek Reconciliation

Court documents from Elon Musk's lawsuit reveal OpenAI's former CTO, Mira Murati, played a central and seemingly self-interested role in Sam Altman's November 2023 ouster and reinstatement. As early as 2022, she complained to Altman about his shifting priorities and pressure to prioritize revenue. By 2023, she privately supplied co-founder Ilya Sutskever with extensive internal evidence against Altman, which became a key 52-page memo for the board. She was appointed interim CEO after Altman's firing and informed Microsoft. However, text messages show Murati simultaneously relayed the board's stance to Altman while secretly urging Microsoft's CEO to help reverse the decision. Once employee backlash mounted, she refused to publicly defend the board's move she helped engineer. She then became the first signatory on the employee petition demanding the board resign and reinstate Altman. A former board member testified Murati was "waiting to see which way the wind blew," not realizing "she herself was the wind." The evidence depicts her actions as consistently aligning with her own interests throughout the crisis.

marsbit18m ago

The Exquisite Self-Interest of Former OpenAI CTO Murati: Personally Handing Over the Knife and Then Being the First to Seek Reconciliation

marsbit18m ago

AI Inference Bills Soar, Shopify and Roblox Warn: Savings from Layoffs Not Enough to Cover Chip Costs

The 2026 Q1 earnings season reveals a paradox: while AI helps companies freeze hiring and boost productivity, the soaring costs of AI inference—token consumption and GPU depreciation—are eroding savings from workforce reductions. Shopify reported that AI now writes over 50% of its code, enabling significant output with stable headcount. However, LLM costs, driven by heavy usage of its AI assistant Sidekick, are pressuring its subscription毛利率. Similarly, Roblox attributed a quarter of its full-year利润率下调 to increased AI investment. The article highlights a broader industry imbalance: combined AI capital expenditure for Amazon, Meta, Microsoft, and Google is projected to reach $725 billion in 2026, vastly outpacing potential savings from layoffs. For instance, Meta's planned裁员 would save about $2.4 billion annually, offsetting only ~12% of its incremental AI depreciation. While底层 model and chip suppliers like NVIDIA maintain high profitability, application-layer companies face a pricing squeeze. Their strategies now involve要么 tightly linking AI costs to user engagement (like Shopify) or introducing fees for advanced AI features (like Roblox), as covering AI bills with裁员 savings alone is financially unsustainable.

marsbit28m ago

AI Inference Bills Soar, Shopify and Roblox Warn: Savings from Layoffs Not Enough to Cover Chip Costs

marsbit28m ago

Has Hook Summer Really Arrived? sato, Lo0p, FLOOD Ignite the New Narrative of Uniswap v4

"Hook Summer" Arrives? Sato, Lo0p, FLOOD Ignite Uniswap v4 Narrative Amidst a slight market recovery, attention within the Ethereum ecosystem has shifted to Meme coins built on Uniswap v4's Hook protocol. Following ASTEROID, tokens like sato, sat1, Lo0p, and FLOOD have become market focal points, with market caps ranging from millions to tens of millions, bringing concentrated liquidity to a narrative-dry market. Uniswap v4 Hooks are "plugin smart contracts" that allow developers to inject custom logic at key points in a liquidity pool's lifecycle (initialization, adding/removing liquidity, swaps, etc.), making the AMM programmable. Recent representative projects include: * **sato**: Market cap peaked over $38M; uses a v4 curve mechanism for minting/burning, locking ETH as reserve. * **sat1**: Market cap briefly exceeded $10M, positioning as an "optimized sato," but later declined significantly. * **Lo0p**: Market cap neared $6.6M; a "lending AMM protocol" allowing users to borrow ETH against deposited LO0P tokens without immediate selling pressure. * **FLOOD**: Market cap approached $6M; channels trading reserves into Aave v3 to generate yield, which is retained in the pool. The emergence of these Hook-based tokens could drive long-term growth for the Uniswap ecosystem by attracting users and liquidity to v4 pools. Combined with Uniswap's activated fee switch (partially used to burn UNI), the long-term outlook for UNI appears positive. However, short-term UNI price appreciation is not directly guaranteed. Factors include the sustainability and lifecycle of these new tokens, their price volatility, overall market conditions, and regulatory pressures. Currently, Uniswap v4's TVL ($595M) lags behind v3 and v2, indicating Hook adoption still requires time to mature. In summary, the Hook ecosystem serves as "long-term nourishment" for UNI, but acts more as a "catalyst" than a direct "booster" in the short term. Note: These are early-stage experimental tokens and may carry unknown risks.

marsbit38m ago

Has Hook Summer Really Arrived? sato, Lo0p, FLOOD Ignite the New Narrative of Uniswap v4

marsbit38m ago

Trading

Spot
Futures
活动图片