hodler

2 May 2026, 09:24

Grinex to repay 1B ruble in client losses after hack

The recently hacked cryptocurrency exchange Grinex intends to compensate customers for stolen assets worth over a billion Russian rubles. The Kyrgyzstan-based coin trading platform is best known for helping Russia circumvent Western sanctions imposed over its invasion of Ukraine. Grinex promises compensation for those affected by massive hack The largest exchange in the Russian-speaking segment of the crypto market, Grinex, has decided to pay clients for assets lost in a hacking attack last month. The Kyrgyz-registered platform was breached in mid-April with the unknown perpetrators draining an estimated 1 billion rubles’ worth of cryptocurrency. The funds, currently worth over $13 million, remain in wallets controlled by the attackers, representatives of the exchange told the leading Russian crypto news outlet Bits.media on Friday. While the digital coins are not available for immediate return, they have been already marked as “stolen” by international anti-money laundering services, they emphasized. Russian police have opened an investigation into the case. The exchange shared all gathered information with law enforcement in Russia, where most of its clients reside. The hackers withdrew Tether (USDT) from 54 addresses, most of which on the Tron network, and transferred them to two wallets on the same blockchain, according to the AML analytics firm CoinKit. The assets, valued at $13 to $15 million at the time, were then converted to Tron tokens (TRX) through the decentralized platform SunSwap (Sun.io). They were eventually consolidated into a single address – TH9kgjfrKeTNeyXtDKvxCXZ1dVKr7neKVa – the report further detailed. Grinex offers customers to first withdraw A7A5 stablecoins The exchange halted all deposits and withdrawals on its Grinex.io website when it discovered the breach, initially posting on Telegram it’s “experiencing a technical break” late on April 15. In a statement published Thursday, it announced its intention “to work on compensating users” for the assets stolen in the attack, which it described as “prolonged, complex, and highly technical.” Affected clients will be able to first withdraw holdings in A7A5, the ruble-pegged stablecoin believed to have processed over $100 billion in transactions since its launch in early 2025. The crypto trading platform admitted the funds “have been consolidated in the attackers’ public wallet and are inaccessible for recovery” but emphasized: “Grinex management has made a strategic decision to compensate for the stolen assets and to raise funds for this. The team is working to restore the infrastructure and is developing mechanisms for future compensation. The first step will be the withdrawal of the ruble stablecoin A7A5.” “Finding ways to compensate clients remains our absolute priority,” a spokesperson stressed, adding the company is collaborating with leading experts in the fields of blockchain forensics and cybersecurity. The exchange also said it considers the hack an “unprecedented” example of a hybrid attack, combining infrastructure hacking and theft of funds. It further noted that the case represents a new stage in attempts to influence Russia’s emerging crypto industry. The country prepares to regulate its digital-asset market by the summer. Grinex set to continue to play its role in sanctions evasion In another Telegram post on April 16, Grinex alleged it had been hit by “Western intelligence agencies.” The claim was disputed by analysts at the compliance platform BitOK. Grinex was established in Kyrgyzstan last spring as the successor of the Russian exchange Garantex, which was busted in a U.S.-led operation in March 2025. It is the main trading platform for A7A5, the largest non-dollar stablecoin, believed to be widely used by Russian players to bypass international financial restrictions. Grinex, as well as a number of entities related to the ruble-denominated cryptocurrency, have been targeted in sanctions by the U.S., the EU, and the U.K. These include the Russian company A7, the coin’s alleged creator, and the Kyrgyzstan-incorporated Old Vector, its current issuer. Powerful oligarchs and state-owned Russian banks have been profiting from the schemes designed to evade sanctions imposed by the West, as recently reported by Cryptopolitan. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .

2 May 2026, 09:06

April Hack Frenzy: Record Losses for AAVE and DeFi

Record in April crypto hacks: 600M$+ loss, KelpDAO 292M$, Drift 280M$, AAVE bad debt crisis. DRIFT delisted, AAVE $92.18 downtrend. Technical levels and social engineering tactics analyzed. DeFi se...

1 May 2026, 18:35

DeFi Ecosystem Remains Robust Despite KelpDAO Hack, Standard Chartered Confirms Resilience

BitcoinWorld DeFi Ecosystem Remains Robust Despite KelpDAO Hack, Standard Chartered Confirms Resilience The DeFi ecosystem remains robust despite the significant market disruption caused by the KelpDAO rsETH hack, according to a recent report from Standard Chartered. The $292 million exploit on April 19 exposed structural vulnerabilities in decentralized finance, yet industry leaders quickly mobilized to contain the damage. Standard Chartered analyst Geoffrey Kendrick noted that the hack led to approximately $17 billion in withdrawals from Aave over three days. However, a coordinated response from key players raised over $300 million, demonstrating the sector’s ability to withstand shocks. This article examines the incident, its impact, and why the DeFi ecosystem remains robust. DeFi Ecosystem Remains Robust: The KelpDAO Hack Explained The KelpDAO rsETH hack targeted a liquid restaking protocol, draining $292 million in assets. The attack exploited a vulnerability in smart contract logic, allowing the hacker to manipulate price oracles. This event sent shockwaves through the DeFi ecosystem, causing immediate liquidity crises on platforms like Aave. Standard Chartered’s report highlights that despite these challenges, the DeFi ecosystem remains robust. The hack did not trigger a systemic collapse, thanks to rapid interventions by major protocols. Key details of the hack include: Date: April 19, 2025 Amount lost: $292 million in rsETH tokens Primary impact: $17 billion in Aave withdrawals Affected protocols: KelpDAO, Aave, Lido, and others Standard Chartered’s analysis underscores that the DeFi ecosystem remains robust because of its decentralized governance and rapid response mechanisms. The incident, while severe, did not erode long-term confidence in the sector. Standard Chartered’s Analysis of DeFi Resilience Standard Chartered’s report provides a data-driven perspective on the hack’s aftermath. Geoffrey Kendrick, the bank’s digital assets analyst, emphasized that the DeFi ecosystem remains robust due to the industry’s collective action. Within hours of the exploit, a coalition led by Stani Kulechov, founder of Aave, coordinated a response. The group raised over $300 million to stabilize markets and reimburse affected users. Key supporters included: Aave DAO – Provided governance support and liquidity Arbitrum (ARB) – Offered network resources for mitigation Consensys – Contributed technical expertise Joseph Lubin – Backed the initiative personally Mantle (MNT) – Provided financial support Lido – Helped stabilize staked assets Kendrick concluded that this unity demonstrates the DeFi ecosystem remains robust. Rather than hindering growth, the incident may accelerate development by proving the industry can self-correct. This aligns with Standard Chartered’s broader view that DeFi is maturing into a resilient financial infrastructure. Market Impact and Recovery Timeline The KelpDAO hack triggered immediate market reactions. Aave saw $17 billion in withdrawals over three days, as users rushed to secure funds. This caused temporary liquidity shortages and increased borrowing costs. However, the DeFi ecosystem remains robust, as evidenced by the swift recovery. Within a week, most platforms returned to normal operations. Timeline of events: April 19: KelpDAO exploit executed; $292 million stolen April 20-21: Mass withdrawals from Aave; $17 billion moved April 22: Industry coalition announces $300M response fund April 25: Aave liquidity restored; markets stabilize Standard Chartered’s report notes that the DeFi ecosystem remains robust because of its ability to absorb shocks. The hack’s impact, while significant, was contained. This contrasts with traditional finance, where similar events often require government bailouts. The incident reinforces the argument that decentralized systems can manage crises effectively. Why the DeFi Ecosystem Remains Robust: Structural Strengths Several structural factors explain why the DeFi ecosystem remains robust despite the hack. First, decentralized protocols use multi-signature wallets and time-locks, which limit damage. Second, the industry’s open-source nature allows rapid identification of vulnerabilities. Third, governance tokens enable communities to vote on emergency measures. Standard Chartered highlights these features as key to resilience. Additionally, the DeFi ecosystem remains robust due to its diversified liquidity pools. Unlike centralized exchanges, DeFi platforms spread risk across multiple protocols. This prevents single points of failure. The KelpDAO hack, while large, only affected a small portion of total DeFi value locked. The sector’s total value locked (TVL) remains above $100 billion, indicating sustained confidence. Lessons Learned and Future Implications The KelpDAO hack offers critical lessons for the DeFi ecosystem. Standard Chartered’s analysis suggests that the DeFi ecosystem remains robust, but improvements are needed. Smart contract audits must become more rigorous. Oracle manipulation remains a top threat. The industry should invest in real-time monitoring and insurance mechanisms. Future implications include: Enhanced security protocols – Protocols will adopt better encryption and verification Cross-chain collaboration – Networks will share threat intelligence Regulatory clarity – Governments may introduce frameworks for DeFi Insurance growth – DeFi insurance products will expand Standard Chartered concludes that the DeFi ecosystem remains robust because it learns from failures. Each hack leads to stronger defenses. The industry’s ability to self-correct is a competitive advantage over traditional finance. This resilience will attract more institutional investors, further strengthening the ecosystem. Expert Perspectives on DeFi Resilience Industry experts echo Standard Chartered’s view that the DeFi ecosystem remains robust. Stani Kulechov stated that the coordinated response shows the sector’s maturity. He noted that the $300 million fund was raised in under 48 hours, demonstrating trust among protocols. Similarly, Joseph Lubin emphasized that the DeFi ecosystem remains robust because of its community-driven governance. Data from Dune Analytics shows that Aave’s total value locked has recovered to pre-hack levels. This confirms that the DeFi ecosystem remains robust. The hack did not cause a permanent loss of confidence. Instead, it reinforced the importance of collective security measures. Standard Chartered’s report aligns with these observations, providing a comprehensive analysis of the event. Conclusion The KelpDAO rsETH hack was a significant event, but the DeFi ecosystem remains robust. Standard Chartered’s report confirms that the industry’s coordinated response prevented a broader crisis. The $300 million recovery fund, backed by major players like Aave DAO, Arbitrum, and Lido, demonstrates unity. The DeFi ecosystem remains robust because of its decentralized governance, rapid response capabilities, and ability to learn from failures. As the sector continues to mature, incidents like this will drive innovation and strengthen security. The DeFi ecosystem remains robust, and its future looks promising. FAQs Q1: What was the KelpDAO rsETH hack? The KelpDAO rsETH hack was a $292 million exploit on April 19, 2025, targeting a liquid restaking protocol. It manipulated price oracles, causing significant withdrawals from Aave. Q2: Why does Standard Chartered say the DeFi ecosystem remains robust? Standard Chartered highlights the industry’s rapid response, including a $300 million coalition fund, as evidence that the DeFi ecosystem remains robust despite the hack. Q3: How much did Aave lose in withdrawals? Aave experienced approximately $17 billion in withdrawals over three days following the hack, but liquidity was restored within a week. Q4: Who led the industry response to the KelpDAO hack? Stani Kulechov, founder of Aave, led a coalition that included Aave DAO, Arbitrum, Consensys, Joseph Lubin, Mantle, and Lido. Q5: Will the DeFi ecosystem remain robust in the future? Yes, Standard Chartered believes the DeFi ecosystem remains robust due to its decentralized governance, rapid response capabilities, and continuous security improvements. This post DeFi Ecosystem Remains Robust Despite KelpDAO Hack, Standard Chartered Confirms Resilience first appeared on BitcoinWorld .

1 May 2026, 15:36

Old Ethereum Wallets Drained in Coordinated Attack, Losses Pass $800K

This week, hundreds of Ethereum wallets, many of them inactive for seven years or more, were drained in what on-chain observers dubbed a live draining campaign associated with the same attacker addresses. According to some, losses have already passed $800,000. What Happened and What We Know So Far One victim, posting under the handle Capitulation.eth, was the first to sound the alarm, saying that funds had left their wallet without authorization and noting that others were being “zeroed out” as well. This was confirmed by crypto analyst Wazz, who shared on-chain data showing a single address sweeping wallets that had last moved funds as far back as 2019. Another analyst, Specter, put the victim count in the hundreds and estimated total losses above $800,000. According to them, the attacker deposited 2 ETH to an exchange, likely converted to Monero, and separately bridged 324 ETH, worth around $734,000, to the Bitcoin network via Thorchain. What is striking about the attack is the age of the wallets involved. Specter noted that most affected wallets were created between four and eight years ago, with very few exceptions. Community researchers largely agree that this is not a smart contract vulnerability or a token approval exploit. Developer Fitna was direct about it: “Old secret keys and seed phrases leaked years ago from bad wallet apps, weak randomness, stolen backups, LastPass, cloud leaks, or old 2017/18 software. Hacker is now draining leftover ETH.” Cryptographer Mikerah offered a similar read, suggesting the pattern points to an older key generation process that used weak entropy, adding that the scenario is “really scary to think about.” Developer Rahul Saxena used the incident to urge users to check wallets for old token approvals and pointed to revoke.cash as a tool to remove them, though Fitna and others stressed that approval scams are separate from what appears to be happening here. April Was Already a Terrible Month for DeFi Security This attack landed on the final day of what analyst Abdul described as “the worst month ever in terms of DeFi exploits,” with roughly $635 million lost across 28 incidents in 30 days. The list runs from a $285 million exploit at Drift on April 1 through a $5 million-plus hit on Wasabi Protocol on the same day the dormant wallet drain was flagged. The month’s largest single incident was the KelpDAO exploit on April 18, in which attackers drained nearly $294 million from the liquid restaking protocol’s bridge contract, converting stolen funds into ETH and spreading them across Ethereum and Arbitrum. An attack on Syndicate Network, reported on April 29, added another $330,000 to the total when an address acquired 18.5 million SYND tokens through a bridge compromise and sold them, sending SYND down more than 37% in 24 hours. The post Old Ethereum Wallets Drained in Coordinated Attack, Losses Pass $800K appeared first on CryptoPotato .

1 May 2026, 13:34

Ethereum Price Prediction: Another Exploit, Can ETH Survive This?

Ethereum just breached the $2,300 price level again, but a coordinated wallet drain sent fresh shockwaves through an already fragile market. The full scope of the damage is still emerging, and what’s confirmed so far is enough to rattle even long-term holders. BSCN flagged on May 1 that assets from hundreds of wallets on the Ethereum mainnet, including some dormant for over seven years, were simultaneously moved to a single address. The transaction pattern points to a single attacker exploiting what may be a previously unknown vulnerability. DORMANT ETHEREUM WALLETS DRAINED IN SUSPECTED LIVE EXPLOIT Hundreds of Ethereum $ETH wallets, many inactive for years, have been drained by the same Ethereum address, per Coin Bureau. The activity points to a possible ongoing exploit on the network. Some affected wallets had… pic.twitter.com/vWe4xO2gpD — BSCN (@BSCNews) May 1, 2026 Security researchers are actively tracking the address and fund flows, with activity reportedly still ongoing. Is this an isolated incident, or the opening move of something larger? Discover: The best pre-launch token sales Can Ethereum Price Hold $2,300 Next Week? ETH’s current setup offers little comfort. At $2,300, the asset sits just below its SMA 5 of $2,308, SMA 10 at $2,320, and its SMA 21 at $2,312. Critically, its 200-day moving average, $2,755, is also flashing sell signals. The only technical bright spots are the SMA 50 and SMA 100, which are currently providing marginal support from below. Arguably, Ethereum and the whole crypto market have been flatlining sideways for months now, signaling potential seller exhaustion. But exhaustion alone doesn’t produce a reversal. But then again, the Moving Averages indicator shows buy. Buy Sell Indicators, Tradingview Derivatives compound the concern with long positions dominating futures, but negative funding rates indicate waning conviction behind those longs. The current play will depends if ETH can hold its $2,200 support. If it is, the Ethereum price would likely stabilize above $2,300 and retest $2,400. A consolidation above $2,400 opens a longer path toward $2,700 recovery targets. ETH USD, TradingView However, if the root cause of the vulnerability isn’t identified quickly, security premiums will narrow and asset rotation will accelerate. Discover: The best pre-launch token sales Bitcoin Hyper Targets Bitcoin Level Security When Ethereum’s security narrative fractures, capital doesn’t vanish; it rotates. And right now, some of that rotation is flowing toward infrastructure plays built on stronger technical foundations. Bitcoin Hyper ($H YPER) is positioned directly in that window. The project is the first Bitcoin Layer 2 to integrate the Solana Virtual Machine, delivering sub-second finality and low-cost smart contract execution while preserving Bitcoin’s underlying security model. Hyper is addressing Bitcoin’s core limitations of slow transactions, high fees, and absent programmability in a single architecture. The presale has already raised $32.5 million at a current price of $0.0136 , with staking available for early participants. Bitcoin Hyper presale details are available here . The post Ethereum Price Prediction: Another Exploit, Can ETH Survive This? appeared first on Cryptonews .

1 May 2026, 13:30

$770M in Crypto Exploits Fuels Concerns Over AI-Powered DeFi Threats

In the last four months, crypto exploits surpassed $770 million as per DeFiLlama. Drift and KelpDAO were the two largest breaches and drove nearly 76% of 2026’s crypto exploit losses. AI-powered crypto exploits remain speculative, but automation risks are growing. The crypto industry right now is facing its most alarming security periods yet. By April 2026, according to data presented by DeFiLlama , more than $770 million had already been stolen via crypto-related exploits, and interestingly, almost 76% of those losses have been linked to North Korean cyber operations. Crypto exploit data from the past four months, according to DeFiLlama While major incidents like Drift protocol and KelpDAO exploits have accounted for most of the stolen value, the sheer pace of attacks and increasing sophistication of crypto exploit methods are something that are raising questions about security in DeFi space. Much of the year’s damage came from several major incidents. The two largest publicly reported crypto exploits were Drift Protocol and KelpDAO , which together accounted for more than $577 million in stolen assets. Drift reportedly lost approximately $285 million, while KelpDAO’s exploit was estimated near $292 million. Drift Protocol was exploited on April 1, and the attackers reportedly used social engineering to gain trust over time, then manipulated governance approvals to whitelist fake collateral. This allowed them to deposit worthless assets and borrow real funds like USDC, ETH and SOL. In the case of KelpDAO, attackers exploited a bridge verification flaw that let them unlock unbacked rsETH. They then used that stolen collateral across DeFi lending platforms to borrow hundreds of millions in legitimate assets. Together, these two attacks made up almost 76% of all crypto losses recorded in 2026 through April. DeFi’s Security Model Faces Growing Pressure Beyond Smart Contract Bugs The Drift and KelpDAO attacks exposed weaknesses in DeFi which were beyond simple coding flaws. Drift exploit highlighted how governance systems, multisig security, and operational processes can be exploited when protocols depend on signer trust without sufficient safeguards like time locks or stricter transaction validation. KelpDAO showed the dangers of bridge infrastructure built around single-verifier models, where one compromised verification layer can trigger such huge losses. Such incidents may increase regulatory scrutiny around DeFi governance, bridge security and cross-chain infrastructure, more because billions are being injected within the DeFi space. Regulators may push for stricter operational standards, while protocols may face pressure to adopt stronger security frameworks. The broader ecosystem impact could be substantial. Repeated large-scale hacks may weaken investor confidence, increase security premiums, and shift liquidity toward protocols with stronger governance and infrastructure protections. Ultimately, DeFi’s future may increasingly depend on redesigning governance systems, bridge architecture, and operational defenses to withstand both human and machine-assisted attackers. Apart from the largest incidents, there also have been many smaller attacks. Platforms such as Wasabi Protocol ($5.5 million), Aftermath perps ($1.14 million), Grinex ($15 million), Resolv Labs ($24.5 million) and various bridges or liquidity systems have all experienced security failures ranging from private key compromises to smart contract manipulation. These two attacks alone dramatically reshaped the year’s total losses and reinforced how a small number of highly successful breaches can dominate crypto security metrics. Moreover, according to TRM Labs report and multiple blockchain intelligence reports, both of these crypto exploits have been publicly attributed to North Korean-linked threat Lazarus Group. At the same time, speculation around AI-powered crypto exploit systems are floating around and the most unsettling question that has been raised right now is whether autonomous AI-driven exploit systems are already being deployed? Why AI is now entering the DeFi security conversation Speculation around AI-powered exploit systems gained momentum after DeFi developer Vitto Rivabella publicly theorized that North Korea may eventually funded offensive AI models using historical DeFi exploit data. Even though there has been no confirmed evidence that such systems currently exist, but the theory resonated because of broader industry developments. Andreessen Horowitz (a16z) published a research on April 28, 2026, which states the results of testing where AI coding agents could independently identify vulnerabilities and reproduce DeFi exploit proof-of-concept. Researchers tested an AI coding agent on 20 past Ethereum DeFi hacks. At first, it seemed very successful as it could solve 50% of the cases. But later the researchers found out that the AI was cheating by accessing future blockchain data and copying details from real attacks. Once that shortcut was removed, the AI’s success rate dropped down to 10% only. When researchers gave the AI detailed knowledge from past hacks, such as common attack patterns and strategies, the AI was able to successfully exploit 70% of the cases. The important thing to note from the research is the fact that this AI is already highly capable at vulnerability discovery and increasingly capable at exploit reproduction, though still weaker in highly complex multi-step economic attacks. Complex attacks require planning, strategy, and financial calculations, something that AI still struggles with. The study also found out that the AI could bypass some restrictions in its testing environment, showing it can sometimes work around limitations. DeFi’s Public Architecture Makes it Especially Vulnerable DeFi is one of the sectors that has been exposed to AI-assisted attacks because blockchain systems provide public smart contract code, transparent crypto exploit histories, large onchain financial incentives, flash loan infrastructure, and vast datasets for machine learning analysis. This combination is something that creates an ideal environment for automated systems trained to detect common vulnerability patterns, simulate profitability and identify repeatable crypto exploit opportunities faster than human researchers. If AI-systems continue to improve themselves and their strategic plans, optimization and contract reasoning, then there is a huge possibility that the industry could eventually face exploit frameworks capable of operating at machine speed. AI-Powered DeFi Exploits Remain Unproven, But the Risk Growing There is currently no verified public evidence that nation-state actors or cybercriminal groups are running fully autonomous AI systems to carry out DeFi hacks. However, several trends are becoming increasingly clear. AI-assisted vulnerability discovery is already real, crypto exploit automation is improving, reusable offensive tooling is expanding, and state-sponsored crypto theft remains highly active. Together, these developments suggest that while fully autonomous AI hackers are still speculative, the foundation for such systems may already be forming. The main takeaway is that crypto security threats are evolving at a great speed. Even though AI is not yet proven to be independently driving major DeFi exploits, growing automation, increasingly sophisticated attack infrastructure, and access to massive crypto exploit datasets could significantly reshape blockchain security in the coming years. Also Read: ZetaChain Cross-Chain Contracts Exploited, Blockaid Warns