News
20 Apr 2026, 06:10
Aave TVL Drops $8B After Kelp DAO Hack Triggers Crisis

Its TVL fell from $26.4 billion to $18.6 billion. Hackers reportedly used stolen rsETH tokens as collateral on Aave v3 to borrow wETH, which left the protocol with an estimated $195 million in bad debt. Aave froze several rsETH and wETH markets, while other protocols connected to rsETH or LayerZero also paused activity. Aave TVL Crashes After Kelp DAO Hack Aave, one of the largest decentralized lending protocols in crypto, saw a huge drop in total value locked (TVL) over the weekend after fallout from the $293 million Kelp DAO exploit. According to data from DeFiLlama, Aave’s TVL declined from approximately $26.4 billion to $18.6 billion by Sunday, wiping out close to $8 billion in locked assets and causing the platform to lose its position as the largest DeFi protocol. DeFi protocol rankings (Source: DeFiLlama) The chain reaction began when hackers stole 116,500 rsETH tokens, valued at around $293 million, from Kelp DAO’s LayerZero-powered bridge. The attackers then used the stolen rsETH as collateral on Aave v3 to borrow wrapped Ether (wETH). Because the collateral was compromised, the borrowing activity reportedly left Aave exposed to roughly $195 million in bad debt. This is according to blockchain analytics platform Lookonchain . The impact on Aave’s lending markets was immediate. Stablecoin pools for USDT and USDC on Aave v3 reached 100% utilization. This means that almost all available liquidity was borrowed out. As a result, more than $5.1 billion in stablecoins became temporarily unavailable for withdrawal unless fresh liquidity entered the system or outstanding loans were repaid. At one point , only $2,540 remained withdrawable from Aave’s $2.87 billion USDT pool. Investor confidence was shaken. The AAVE governance token fell by almost 20% over roughly 25 hours, from $112 on Saturday evening to around $89.50 the following day. At press time AAVE was trading hands at $91.14. Large withdrawals by major players added to pressure on the platform, with MEXC exchange reportedly removing $431 million and Abraxas Capital withdrawing $392 million. AAVE’s price action over the past week (Source: CoinCodex) In response, Aave froze rsETH markets on both v3 and v4 to prevent more suspicious borrowing. It later confirmed that rsETH on Ethereum mainnet is still fully backed by underlying assets. WETH reserves were also frozen across Ethereum, Arbitrum, Base, Mantle, and Linea as a precautionary measure. The exploit also caused disruption beyond Aave. Several protocols linked to rsETH or the LayerZero bridge, including Curve Finance, Ethena, and BitGo’s Wrapped Bitcoin, paused bridge-related activity until the issue could be resolved. Many people see the event is the first major stress test of Aave’s Umbrella security model, which launched in June of 2025 to protect against protocol bad debt while rewarding users. While Aave defended its overcollateralization and liquidation mechanisms, the incident shows how vulnerabilities in one protocol can quickly spread across interconnected DeFi ecosystems.
20 Apr 2026, 05:22
Ripple Veteran Slams DeFi Bridge Security

Ripple CTO Emeritus David Schwartz has issued a warning for the decentralized finance (DeFi) sector following a devastating $290 million exploit of the Kelp DAO ecosystem.
20 Apr 2026, 05:01
LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero said the attackers compromised two RPC nodes the company's verifier relied on and DDoS'd the rest, with the attack working only because Kelp had ignored multi-verifier recommendations.
20 Apr 2026, 03:15
KelpDAO Hack Fallout: Crypto Whale’s $500M Aave Withdrawal Sparks DeFi Security Alarm

BitcoinWorld KelpDAO Hack Fallout: Crypto Whale’s $500M Aave Withdrawal Sparks DeFi Security Alarm In a dramatic response to mounting security concerns, a prominent cryptocurrency investor executed a massive $500 million withdrawal from the Aave lending protocol this week. This decisive move followed the devastating $290 million exploit of KelpDAO’s rsETH bridge, sending shockwaves through the decentralized finance ecosystem and raising urgent questions about systemic risk. On-chain data reveals the whale’s struggle to navigate the compromised landscape, resulting in additional losses during the exit process. KelpDAO Hack Triggers Massive Aave Exodus The weekend’s security breach at KelpDAO created immediate contagion across connected DeFi protocols. According to blockchain analytics firm Lookonchain, the exploit directly precipitated over $10 billion in cumulative withdrawals from Aave as investors sought to mitigate risk. The platform, a cornerstone of decentralized lending, faced unprecedented outflows. Consequently, liquidity pools experienced temporary strain. The whale’s specific transaction, involving 98,032 wstETH and 3,000 cbBTC, represents one of the largest single withdrawals recorded in 2025. Market analysts immediately noted the transaction’s significance. “This is a classic risk-off maneuver following a major bridge exploit,” stated a report from Chainalysis Insights. Bridges, which facilitate asset transfers between blockchains, remain critical yet vulnerable infrastructure. The KelpDAO incident exploited a flaw in the rsETH bridge’s smart contract, allowing the attacker to mint fraudulent tokens. Subsequently, these tokens were used as collateral to drain funds from various integrated protocols, creating a cascading failure. The Whale’s Costly Exit Strategy Blockchain data shows the withdrawal was not seamless. The address, identified as 0xd4584…, encountered difficulties converting bridged assets. Specifically, the investor lost 237 ETH, valued at approximately $540,000, during swap attempts. This highlights the operational friction and slippage that can occur during market stress. Despite the costly exit, the address retains a substantial position of around 10,000 ETH ($22.8 million) on Aave, suggesting a partial rather than total retreat. DeFi Security Under Microscope in 2025 The KelpDAO exploit underscores persistent security challenges within decentralized finance. In 2025, the total value locked (TVL) in DeFi protocols has surpassed previous highs, making them increasingly attractive targets. Security audits and insurance mechanisms have advanced, yet complex smart contract interactions create novel attack vectors. This incident follows a pattern of bridge-focused exploits, which have accounted for over 70% of major crypto thefts in the past two years according to a recent Immunefi report. Key vulnerabilities exposed by the KelpDAO hack include: Cross-chain bridge logic: Flaws in the validation of cross-chain messages. Oracle reliability: Dependence on external data feeds for asset pricing. Composability risk: The interconnected nature of DeFi protocols allowing exploits to spread. Governance delays: Time required for decentralized governance to enact emergency measures. The table below illustrates recent major bridge exploits and their market impact: Protocol (Year) Assets Lost Primary Cause Subsequent TVL Drop KelpDAO (2025) $290M rsETH Bridge Logic Flaw ~35% in 48 hours Orion Bridge (2024) $170M Private Key Compromise ~50% Wormhole (2023) $325M Signature Verification ~22% Institutional Response and Market Implications The whale’s activity provides a window into institutional crypto asset management. The address has a documented history of large-scale OTC (over-the-counter) trades, previously acquiring hundreds of millions in ETH and cbBTC. Such entities typically employ sophisticated risk models. Their withdrawal signals a recalibration of risk tolerance post-exploit. Moreover, the movement of wrapped and bridged assets like wstETH and cbBTC highlights the growing role of tokenized derivatives in institutional portfolios. Market impact extended beyond Aave. The broader DeFi sector saw a noticeable dip in token prices and a spike in lending rates as liquidity tightened. However, the swift response also demonstrated the resilience of blockchain transparency. Real-time tracking by firms like Lookonchain allowed the market to absorb information rapidly, potentially preventing wider panic. The Future of Decentralized Lending Security This event will likely accelerate several existing trends in DeFi security. Protocol developers are increasingly implementing circuit breakers and time-delayed withdrawals for unusually large transactions. Furthermore, the adoption of formal verification for critical smart contract code is becoming a standard requirement for blue-chip protocols. Insurance protocols, like Nexus Mutual and InsurAce, reported a surge in coverage purchases following the news, indicating growing risk mitigation sophistication among users. Regulatory attention is also intensifying. Global financial watchdogs are examining whether DeFi’s non-custodial model requires new frameworks for consumer protection and systemic risk monitoring. The sheer scale of the KelpDAO hack and its ripple effects, exemplified by the $500 million Aave withdrawal, provides a compelling case study for policymakers. Conclusion The $500 million Aave withdrawal following the KelpDAO hack serves as a stark reminder of the evolving security landscape in decentralized finance. While the transparency of blockchain allowed for real-time analysis of the whale’s movements, the incident exposes critical vulnerabilities in cross-chain infrastructure. The market’s response, combining rapid capital flight with increased investment in security measures, reflects a maturing yet cautious ecosystem. The KelpDAO hack fallout will undoubtedly influence protocol design, risk management strategies, and regulatory discussions for the remainder of 2025 and beyond. FAQs Q1: What exactly was the KelpDAO hack? The KelpDAO hack was a smart contract exploit on the rsETH bridge that occurred over a weekend in 2025. An attacker found a flaw allowing them to mint fraudulent rsETH tokens, which were then used as collateral to withdraw over $290 million in legitimate assets from the KelpDAO ecosystem and connected protocols. Q2: Why did the whale withdraw funds from Aave specifically? Aave is a major decentralized lending platform where users can deposit assets to earn interest or use them as collateral for loans. The whale likely held assets there for yield. Following the KelpDAO hack, which compromised a related asset (bridged ETH), the investor withdrew to prevent potential liquidation or further exposure to the contagion risk spreading through connected DeFi protocols. Q3: What are wstETH and cbBTC? wstETH is “wrapped staked Ethereum,” a token representing staked ETH on the Lido protocol. cbBTC is “Coinbase Wrapped Bitcoin,” a tokenized version of Bitcoin custodied by Coinbase. Both are popular “wrapped” assets that allow Bitcoin and staked Ethereum to be used within the Ethereum DeFi ecosystem, such as on Aave. Q4: How does a bridge exploit affect other protocols like Aave? DeFi protocols are highly interconnected through composability. If a bridge like KelpDAO’s rsETH bridge is exploited, the fraudulent assets minted can be deposited as collateral on lending platforms like Aave. This creates bad debt and insolvency risk for the lending protocol, prompting users to withdraw their legitimate funds to avoid losses, as seen in this mass exodus. Q5: What does this mean for the average DeFi user? For everyday users, this highlights the importance of understanding the underlying risks of DeFi, especially those related to cross-chain bridges and composability. It underscores the need to diversify across protocols, consider DeFi insurance, and stay informed about the security audits and risk parameters of platforms where they deposit funds. This post KelpDAO Hack Fallout: Crypto Whale’s $500M Aave Withdrawal Sparks DeFi Security Alarm first appeared on BitcoinWorld .
20 Apr 2026, 02:54
Aave Drops 11% as Risk-off Mood and rsETH Hack Concerns Weigh

AAVE falls to $90.25, as the broader crypto continues to decline. Primary factor leading to AAVE’s dip is the recent rsETH incident and whale withdrawals that reduced liquidity and TVL. Price risks further drop if key $90 support fails to hold. Aave had an especially steep drop in the past 24 hours, down 11% to trade at $90.25. That decline was more pronounced than the crypto market, which slipped by around 2.25% over the same time. The financial move shows a definitive change in investor trends, where capital retreats from higher-risk holdings. This loss has come at a time when overall market sentiment has been slightly off. Market pulse has turned cautious especially amid the growing geopolitical tensions. Disruptions to major global trade corridors have compounded the uncertainty. The consequence is that funds have increasingly begun flowing back into relatively safer assets in the crypto space. Bitcoin has been a primary beneficiary of this shift, and altcoins have faced increased selling pressure. Aave Dips Amid rsETH Hack The recent security incident linked to rsETH has added another layer of pressure. Aave confirmed that rsETH on the Ethereum mainnet remains fully backed by collateral. Still, the protocol has taken precautionary steps. The asset has been frozen across multiple versions of the platform. This includes Aave V3 and V4 deployments. Update on rsETH incident: According to our analysis, rsETH on Ethereum mainnet is fully backed. Out of an abundance of caution, rsETH remains frozen across Aave V3 and V4 and exposure to the incident is capped. WETH reserves also remain frozen across affected markets including… — Aave (@aave) April 19, 2026 In addition, the Wrapped Ethereum reserve has been paused in affected markets. These include Ethereum , Arbitrum, Base, Mantle, and Linea. The decision was taken to prevent further risk as the situation is being evaluated. The team has stated that it is actively considering the issue and working on possible solutions. The attacker forged LayerZero cross-chain messages to withdraw 116,500 rsETH directly from the bridge contract, then deposited the tokens into Aave and other lending platforms to borrow WETH, thus creating significant uncollateralized bad debt risk. The impact of the incident has been visible in user behavior. A large number of whales have withdrawn funds from the protocol. This price trend appears to be precautionary rather than panic-driven. Yet, it has reduced liquidity within the system. Lower liquidity can increase volatility and make prices more sensitive to selling pressure. Data from DeFi tracking platforms shows a significant drop in total value locked. Aave’s TVL has declined by over 30% following the incident. It has fallen from around $26.4 billion to nearly $18 billion. This drop is indicative of lower participation and a conservative attitude among users. The overall market environment has also led to a slump. Ongoing inflows into Bitcoin exchange-traded funds have siphoned liquidity off altcoins. It is common for institutional capital to concentrate on larger and more established assets in times of uncertainty. This trend has limited attempts at recovery for tokens such as Aave. In the near term, the next decision will be down to very specific price levels. The $90 mark is serving as a major support zone. A holding above this level could help stabilize the price. If selling pressure goes down, a consolidation phase between $90 and $95 may follow. The downside is that any break below $90 could yield further losses. The next support range is between $85 and $87. This zone may interest investors who look for lower entry points. But the overall market slump could delay any significant recovery.
20 Apr 2026, 01:47
Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects web3 wallets and trading interfaces to backend services.






































