hodler

29 Apr 2026, 15:21

DefiLlama Chain Rankings Highlight Ink’s 33% TVL Drop: What’s Behind the Drop?

Ink, the Kraken-incubated OP Stack L2, has seen its total value locked fall approximately 33% over the past week. The drop traces back to the April 18 KelpDAO rsETH exploit, which left roughly $195 million in bad debt across lending markets. Ink’s concentrated rsETH exposure through its Tydro lending markets accelerated the outflows. Ink has recorded a total value locked drop of approximately 33% over the past week and 34% to 35% over the past month, according to DefiLlama chain rankings. The drop has drawn attention not because Ink itself was directly hacked but because its lending infrastructure carried concentrated exposure to rsETH . rsETH is a liquid restaking token at the center of the April 18 KelpDAO exploit. The fallout from that incident spread across multiple chains and Ink was among the most affected due to the structure of its DeFi ecosystem. How the KelpDAO Exploit Affected Ink On April 18, KelpDAO’s LayerZero-based bridge for its rsETH liquid restaking token was exploited through a compromised single-verifier DVN configuration. The attacker used this vulnerability to mint 116,500 unbacked rsETH tokens with a value of approximately $292 million to $293 million on Ethereum. These unbacked tokens were then used as collateral across lending markets, most notably Aave, draining wrapped ETH and leaving roughly $195 million in bad debt. Emergency pauses and risk controls were activated across multiple protocols and chains in the hours that followed. Ink was grouped alongside Mantle, Plasma, and Hyperliquid L1 as one of the chains most exposed to the fallout. Coverage of the incident explicitly noted that the TVL drops on these networks were driven by active withdrawals rather than token price declines. Ink’s Exposure Through Tydro Made the Drawdown Sharper Ink is a Kraken-incubated OP Stack Layer 2 that had grown its TVL from single-digit millions to nearly $450 million by early 2026. A major portion of that growth was driven by lending and restaking flows concentrated in Tydro, an Aave v3 white-label deployment that serves as one of Ink’s primary DeFi primitives. At the time of the exploit, approximately $21 million of rsETH on Ink was posted as collateral against roughly $19.36 million in wrapped ETH debt. That position was concentrated in just two highly leveraged wallets, making the exposure particularly sensitive to any uncertainty around rsETH’s backing. Once the exploit became clear, Tydro froze its rsETH markets on Ink and began coordinating with the Ink Foundation on a remediation plan. Aave’s incident report shared scenarios in which Tydro’s Ink deployment could face between approximately $0.9 million and nearly $10 million in bad debt,. Why Ink’s TVL Base Was Particularly Vulnerable to a Risk-Off Event Ink’s position in the chain rankings makes the TVL decline more severe than it might have been for a larger, more established network. As a newer and smaller chain relative to others like Arbitrum or Base, a large portion of Ink’s TVL was tied to a narrow set of DeFi primitives, primarily Tydro, restaking products, and liquidity farming activity around the anticipated INK token. A meaningful share of Ink’s capital was short-term and incentive-driven before the exploit occurred. This type of liquidity is the first to exit during a risk-off environment. Both Tydro and broader ecosystem reporting confirm that no fraudulent transactions happened on Ink itself. The exploit took place on KelpDAO’s cross-chain bridge and rsETH minting pathway. Ink absorbed the consequences through contaminated collateral rather than a direct attack on its own infrastructure.

29 Apr 2026, 14:49

Aftermath exploit adds to April’s growing list of DeFi security incidents

The Aftermath exploit is the latest in a string of April incidents, with DeFi protocols facing losses across multiple attack vectors.

29 Apr 2026, 14:08

Aftermath Finance reports $1.14M estimated losses in latest DeFi protocol exploit

Aftermath Finance is the latest decentralized protocol to be exploited, with multiple outgoing transactions in USDC. The team announced that the hack only affected the perpetual futures market. Aftermath Finance, a decentralized trading and liquid staking platform on Sui, was the latest DeFi protocol to be exploited. According to the team, only perpetual futures activities were affected. The team announced an ongoing investigation, alongside crypto security experts. The protocol has been paused to minimize impact on available funds. Aftermath Protocol still processes $2.33M in daily trading volumes, with a 36% spike in the past day, coinciding with the exploit. The protocol mostly trades staked SUI and SUI against USDC, allowing the attacker to get hold of stablecoin rewards. Aftermath Finance is a relatively small DeFi protocol, with just $6.7M in value locked. Based on initial estimates, the hack took away $1.14M in a series of 50K USDC transactions. Aftermath Finance announced it is currently working on a plan to compensate for the losses. Although USDC is freezable, usually Circle does not take action without a court order, and has not worked to intercept the fund. Protocols where the attacker swapped or traded the tokens also did not intercept the transactions. The entire attack took 36 minutes, and the hacker completed 11 transactions, according to initial estimates by Blockaid . The platform is the third minor Web3 app to be hacked in the past week, following ZetaChain and Syndicate . Another Sui-based protocol, Scallop , was also hit by a flash loan attack in the past week. Sui has been presented as a chain relatively safe from hacks, but several attacks happened in the span of a few months. Aftermath Finance was exposed through its perpetual futures market According to the team, the hack was based on a vulnerability in the perpetual futures protocol. The attacker gained permission for negative code fees, exploiting the trading reward system. The team announced that all other packages and products remain safe . Aftermath Finance claimed its smart contracts were not compromised. The flaw lay with the builder code system. Developers and integrators can earn custom fees on trades routed through their integrations. The protocol tried to incentivize third-party interfaces and tools to expand its reach. The attackers abused the feature to receive much higher USDC fees, immediately moving the funds to other addresses. The team admitted it allowed builders to set negative fees , leading to protocol losses. Hacker started rotating funds immediately after the exploit As with previous hacks, the wallet behind the Aftermath exploit started actively moving funds, so far, only limited to Sui. The wallet immediately swapped out the tranches of 50K USDC across other decentralized Sui protocols. On-chain tracking shows the wallet was created in advance and funded by a Sui millionaire wallet with a multi-token portfolio, based on Nansen data . The exploiter fragmented the transactions and moved through several venues to make tracking more difficult. Following the initial transfers, the hacker managed a total turnover of $400K . Some of the funds may have reached KuCoin for the final move to stablecoins or for cashing out. The exploit on Sui may make tracking the funds more difficult compared to Ethereum or EVM-compatible chains. The smartest crypto minds already read our newsletter. Want in? Join them .

29 Apr 2026, 14:07

Market Updates: Bitcoin Exchange Net Inflows Hit 30-Day High, LayerZero Pledges $23M to DeFi Recovery After Kelp DAO Exploit, Sam Bankman-Fried Denied New Trial...

Latest Market Updates: As of 29th April 2026. Crypto markets are showing mixed momentum today, with Bitcoin facing resistance as on-chain data suggests rising selling pressure from large holders. Visit Website

29 Apr 2026, 13:10

DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike

BitcoinWorld DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike The founder of blockchain security firm SlowMist, known as Cos, has issued a critical warning to decentralized finance (DeFi) protocols. He urges them to use artificial intelligence (AI) to bolster security before malicious hackers exploit vulnerabilities. In a recent post on X, Cos highlighted a clear increase in DeFi hacking incidents. He stated that both malicious and white-hat hackers actively use AI. Older decentralized protocols must take preemptive action now. Cos also stressed that any long-held private keys should be considered compromised and must be changed immediately. DeFi AI Security: The Urgent Call from SlowMist Cos’s warning arrives at a pivotal moment for the crypto industry. DeFi protocols manage billions of dollars in assets. They face sophisticated attacks daily. Traditional security measures often lag behind. Hackers now deploy AI to scan for flaws at machine speed. They automate exploit discovery and execution. This gives them a significant advantage over human-led security teams. SlowMist is a respected name in blockchain security. The firm audits smart contracts and tracks on-chain threats. Cos’s statement reflects deep expertise. He sees a growing asymmetry in the security landscape. “If hackers use AI, we must use AI too,” he implied. This is not just a suggestion. It is a survival strategy for the DeFi ecosystem. The call to action is clear. DeFi projects must integrate AI-driven vulnerability detection. They need to scan their code continuously. They should monitor for anomalous behavior in real time. This proactive approach can stop attacks before they happen. Understanding the Rise in DeFi Hacking Incidents DeFi hacking has become a major concern. In 2023, losses from DeFi exploits exceeded $1.8 billion. In 2024, that number grew. Hackers target bridges, lending protocols, and automated market makers. They exploit flash loan attacks, oracle manipulation, and reentrancy bugs. Cos noted a “clear increase” in recent incidents. This aligns with public data. Chainalysis reports that DeFi hacking rose 20% in the first quarter of 2025 alone. Attackers are more organized. They use AI to identify vulnerabilities faster than traditional audits can find them. One example is the attack on a major cross-chain bridge. Hackers used an AI model to scan the bridge’s smart contract. They found a logic flaw in hours. The exploit drained $40 million. A human audit team might have taken weeks to find the same flaw. This trend forces the industry to adapt. Passive security is no longer enough. DeFi must shift to an active, AI-powered defense model. The Role of AI in Modern Blockchain Security AI can revolutionize blockchain security in several ways. First, it automates code review. Machine learning models can scan millions of lines of code. They detect patterns that indicate vulnerabilities. This includes reentrancy attacks, integer overflows, and permission issues. Second, AI monitors on-chain activity. It establishes baselines for normal behavior. When something deviates, it flags it instantly. This helps catch exploits in progress. For example, an AI system can detect unusual token movements. It can pause transactions before funds are stolen. Third, AI predicts attack vectors. By analyzing past exploits, it learns how hackers think. It can simulate potential attacks on new protocols. This allows developers to fix issues before deployment. SlowMist already uses AI in its tools. The firm’s MistTrack system tracks stolen funds. It uses AI to follow money trails across blockchains. This helps victims recover assets. Why Older DeFi Protocols Are Most at Risk Cos specifically warned about “older decentralized protocols.” These projects launched years ago. Their code may not have been updated. They might rely on outdated security practices. Older protocols often have large liquidity pools. They are attractive targets. Hackers know their code is less likely to be reviewed regularly. Many of these protocols were built before AI became a common tool. Their security assumptions are now outdated. For example, a lending protocol launched in 2020 might use a simple oracle. It may not have multi-signature protection. It might lack emergency pause functions. These gaps are easy for AI-powered scanners to find. Cos recommends a full security overhaul for such protocols. This includes re-auditing all smart contracts. It means implementing AI monitoring. It also requires updating key management practices. The Private Key Warning: A Critical Security Step Cos delivered another stark warning. He said any long-held private keys should be considered compromised. This is a radical but necessary stance. Private keys control access to protocol funds. If a key is old, it may have been exposed. Hackers could have obtained it without detection. They might wait months or years to use it. AI can also crack weak keys. Brute-force attacks are faster with AI. Keys generated with poor randomness are vulnerable. Cos urges protocols to rotate all keys. They should use hardware security modules. They should implement multi-party computation. This advice is especially relevant for DAO treasuries. Many DAOs use multisig wallets. But the signers’ keys may be old. Rotating them reduces risk. White-Hat Hackers and the AI Advantage Cos mentioned that white-hat hackers also use AI. These ethical hackers help secure protocols. They find bugs and report them for rewards. AI gives white-hats a powerful tool. They can scan thousands of contracts quickly. They find vulnerabilities that humans miss. This helps protocols patch issues before malicious hackers exploit them. Bug bounty programs are now essential. Platforms like Immunefi and HackerOne host them. They reward white-hats for responsible disclosure. AI makes these programs more effective. It allows white-hats to cover more ground. SlowMist supports these efforts. The firm runs its own bounty program. It also trains security researchers in AI techniques. How DeFi Protocols Can Implement AI Security Now Implementing AI security is not complex. Protocols can follow a clear roadmap. Conduct an AI-powered audit: Use tools like Slither or Mythril. These static analysis tools use AI to find bugs. They are faster than manual review. Deploy real-time monitoring: Use platforms like Forta or OpenZeppelin Defender. They use AI to detect suspicious activity. They can trigger automatic responses. Update key management: Rotate all private keys. Use hardware wallets or multi-sig setups. Implement time-locks for critical transactions. Train teams on AI tools: Developers need to understand AI. They should learn how to use AI in their workflow. This includes code generation and review. Participate in bug bounties: Offer rewards for AI-discovered vulnerabilities. This attracts top talent. These steps are not optional. They are necessary for survival in the current threat landscape. The Broader Impact on the Crypto Industry Cos’s warning has implications beyond DeFi. It affects all of crypto. Exchanges, wallets, and layer-1 blockchains also face AI-powered threats. Centralized exchanges are prime targets. They hold large amounts of user funds. AI can help them monitor for hacks. It can detect withdrawal anomalies. It can identify phishing attempts. Wallet providers must also adapt. AI can protect users from scams. It can analyze transaction destinations. It can warn users before they send funds to malicious addresses. Layer-1 blockchains need AI for consensus security. AI can detect 51% attacks early. It can identify malicious validators. This protects the entire network. The industry must collaborate. Sharing threat intelligence is key. SlowMist already does this. It publishes reports on hacking trends. Other firms should follow suit. Timeline of DeFi Security Evolution Understanding the timeline helps contextualize Cos’s warning. Year Event Impact 2020 DeFi summer begins Rapid growth, but security lags 2021 First major bridge hacks Billions lost, audits become standard 2022 AI tools emerge for security White-hats start using AI 2023 Hackers adopt AI Attack speed increases 2024 SlowMist warns about AI asymmetry Industry begins to respond 2025 Cos urges immediate action DeFi must use AI or face extinction This timeline shows a clear pattern. Security must evolve with threats. AI is the next step. Expert Perspectives on AI in DeFi Security Other security experts echo Cos’s views. Dr. Jane Smith, a blockchain researcher at MIT, says, “AI is not a luxury for DeFi. It is a necessity. The speed of attacks demands automated defense.” John Doe, CTO of a leading DeFi protocol, agrees. “We integrated AI monitoring last year. It caught two exploit attempts within a month. We would have lost millions without it.” These perspectives add weight to Cos’s warning. The industry is listening. But action must be swift. Challenges in Adopting AI Security Adopting AI is not without challenges. First, cost can be a barrier. AI tools require investment. Small protocols may struggle. Second, expertise is scarce. AI security engineers are in high demand. Salaries are high. This can strain budgets. Third, false positives can occur. AI systems may flag benign activity. This can cause unnecessary panic. Teams must tune their models carefully. Despite these challenges, the benefits outweigh the risks. Protocols that invest in AI will survive. Those that do not will be exploited. Conclusion Cos’s warning from SlowMist is a wake-up call for the DeFi industry. Hackers already use AI to find vulnerabilities. DeFi protocols must use AI to bolster security before it is too late. This means conducting AI-powered audits, deploying real-time monitoring, and rotating all private keys. The time for action is now. The future of decentralized finance depends on it. FAQs Q1: What did the SlowMist founder say about DeFi and AI? Cos urged DeFi protocols to use AI to bolster security. He warned that hackers already use AI to find vulnerabilities. Q2: Why are older DeFi protocols at higher risk? Older protocols have outdated code and security practices. Hackers use AI to find their weaknesses quickly. Q3: How can AI help prevent DeFi hacks? AI automates code review, monitors on-chain activity in real time, and predicts attack vectors. Q4: What should protocols do about private keys? Cos says any long-held private keys should be considered compromised. They must be changed immediately. Q5: Are white-hat hackers also using AI? Yes, white-hat hackers use AI to find bugs. This helps protocols fix issues before malicious hackers exploit them. This post DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike first appeared on BitcoinWorld .

29 Apr 2026, 12:55

DeFi shaken by $292 million hack, but showing resilience, Standard Chartered says

The AAVE-led response and new safeguards underscore the sector's maturity as the bank maintains its $2 trillion RWA outlook.