hodler

24 Apr 2026, 07:47

Ethereum above $2,300: will DeFi turmoil derail the next rally?

The DeFi ecosystem has grabbed the news in recent days. The $292 million exploit of Kelp affected other leading DeFi protocols, including Aave. As the leading DeFi blockchain, Ethereum is also feeling the impact, with DeFi platforms losing over $10 billion since the start of the week. However, Ethereum has maintained its price above the $2,300 level and could rally higher in the near term. The Ethereum network is also struggling with a surge in total fees captured on its mainnet over the past week. The metric has spiked to its second-highest level since the October 10 leverage flush, reducing ETH's supply. DeFi and fee challenges affect ETH’s price action Following the Ethereum London upgrade, a surge in total fees has reduced ETH's circulating supply as the network burns base fees. The surge can be traced to increased network activity following the $292 million KelpDAO exploit. The hack triggered a massive capital flight from decentralized finance (DeFi) protocols, with reports revealing that most of the funds were moved through THORChain . Ethereum's total value locked (TVL) has dropped by roughly $10.7 billion to $44.7 billion over the past five days, according to DefiLlama data . Furthermore, active addresses have trended downward. However, the capital flight has not affected Ether’s price, as it is currently hovering above $2,300. A potential reason for the resilience stems from positive sentiment surrounding the US extension of its ceasefire with Iran. Furthermore, Ethereum treasury firm BitMine Immersion Technologies continued its buying spree. On-chain data reveals that three newly created wallets likely linked to BitMine received 100,000 ETH from digital asset custodian BitGo. BitMine has also staked an additional 93,600 ETH, pushing its total holdings to 3.489 million ETH. Ethereum price forecast The ETH/USD 4-hour chart is bearish and efficient as the broader market has retraced in the last few hours. On the 4-hour chart, ETH maintains a constructive near-term bias as it holds above the 20-day and 50-day Exponential Moving Averages (EMAs), around $2,275 and $2,226, respectively. The momentum indicators are also mildly positive, suggesting that the bulls could push the price higher in the near term. The 14-day Relative Strength Index (RSI) is hovering in neutral territory near 53, and the Stochastic Oscillator (Stoch) is around mid-range. These indicators suggest ongoing consolidation within an overall upward phase rather than stretched conditions. If the bullish trend resumes, initial resistance will be encountered at the convergence of the 100-day EMA and the horizontal barrier at $2,388, with the $2,500 psychological level also a target. A daily candle break above this zone would open the way toward $2,746. Above this zone, Ether could have a clean run towards $3,000. On the downside, immediate support is seen around $2,308, ahead of the 20 and 50-day EMAs. A break below these levels would expose the next static floors at $2,211 and $2,107. The post Ethereum above $2,300: will DeFi turmoil derail the next rally? appeared first on Invezz

24 Apr 2026, 07:12

Balancer Hack Attacker Back After 5 Months, Moves $2.5M in ETH

The Balancer hack attacker has converted 1,100 Ethereum into Bitcoin. The hacker’s return has sparked caution and speculation among community members. The choice of Bitcoin indicates that the hacker is taking a calculated approach. The $120 million Balancer hack is back in the spotlight after five months. In the latest development, the attacker has resurfaced, moving 1,100 Ethereum tokens. After months of silence, the attacker is once again converting funds, putting the crypto community back on alert. Balancer Hack Exploiter Resurfaces, Moves ETH According to Lookonchain data , the attacker behind the massive Balancer hack is now active. After remaining dormant for almost five months, the exploiter is now converting Ether into Bitcoin via THORChain. On-chain data shows that the Balancer hack exploiter has started moving funds and swapped 1,100 ETH, worth $2.55 million, into Bitcoin. The transaction was carried out via THORChain, a decentralized protocol that allows cross-chain swaps without intermediaries. For context, the Balancer occurred in late 2025. It is considered one of the biggest DeFi hacks. The attacker reportedly used a vulnerability in Balancer’s smart contracts to drain more than $120 million in crypto. It is worth noting that the latest move comes following the KelpDAO exploit . Notably, this move has raised concerns about the hacker’s money laundering activities. While many believed that the Balancer hacker had disappeared as he went silent for many months, his sudden appearance has sparked caution. The use of THORChain shows a calculated approach. This is because such platforms are often used to make transactions harder to trace. By breaking the funds into smaller transfers, the hacker can avoid detection while slowly converting Ethereum into Bitcoin. This indicates that the Balancer hack attacker is slowly working to launder his stolen funds. Why Bitcoin is the Preferred Choice? Bitcoin often becomes a choice in the course of money laundering operations. First of all, this may be explained by the asset’s high liquidity and its popularity among other coins. It also demonstrates the possibility of transferring and exchanging funds without additional effort within the framework of numerous crypto exchanges. In addition, the coin possesses considerable market depth, thus large sums of funds may be moved with ease. Despite the relatively low value of the sum, around $2.5 million, it indicates that the attacker has an option to operate the rest of the funds. The transfer is done repeatedly, which indicates that this operation becomes a regular procedure in managing the stolen funds. Therefore, the choice of BTC becomes quite understandable. By slowly converting assets into BTC, the hacker can spread out transactions over time. This can also reduce traceability and maintain flexibility in moving funds across platforms. Unveiling Possible Strategy Behind the Transfers In addition to his planned strategy, there may be other reasons for the latest ETH-BTC conversion. The recent transfers suggest that the Balancer hack attacker is testing how closely the wallet is being monitored. Small, controlled transactions can help gauge whether tracking systems or exchanges are actively flagging activity linked to the hack. Another possible reason is the exploiter’s portfolio reshaping. Instead of simply hiding funds, the attacker may be repositioning assets. If the goal is long-term holding, Bitcoin is acting here as the base asset. The Balancer hack attacker may also be coordinating with broader market conditions. Moving funds in phases allows the attacker to take advantage of liquidity windows and price stability.

24 Apr 2026, 06:53

Ethereum Prices Sink Below $2,300 as KelpDAO Hack Fallout Triggers DeFi United Recovery Effort

Ethereum (ETH) is trading around $2,300, having declined roughly 3 percent over the past 24 hours and continuing to underperform Bitcoin as capital rotates away from higher-beta assets amid the prolonged fallout from the KelpDAO exploit, which has now cascaded into what the Aave protocol is calling a “DeFi United” recovery effort involving some of the most prominent names in decentralised finance. The exploit, which took place on April 18 and is now confirmed as the largest DeFi hack of 2026, involved an attacker using a vulnerability in KelpDAO’s LayerZero bridge to drain 116,500 rsETH tokens worth approximately $292 million, representing roughly 18 percent of the token’s entire circulating supply, before depositing those stolen tokens as collateral on Aave V3 and borrowing approximately $190 million in real ETH against them. The practical effect of this attack chain was to leave Aave, DeFi’s largest lending protocol, holding collateral whose backing was impaired by the exploit, creating an estimated $196 million in bad debt that immediately triggered emergency market freezes, a withdrawal wave, and a collapse in total value locked from $26.4 billion on the day of the exploit to approximately $17.5 billion within days. Aave founder Stani Kulechov has been coordinating the industry response, describing a “DeFi United” initiative that seeks to make affected users whole through a coordinated pool of contributions from across the ecosystem, posting on X: “Aave is my life’s work and we’re working nonstop to find the best possible outcome for users. I’m working to see this resolved and market conditions normalized as soon as possible.” He also offered a personal 5,000 ETH contribution to the relief fund. Lido Finance submitted a formal proposal on Thursday to Aave’s governance forum seeking DAO authorisation to contribute up to 2,500 stETH, worth approximately $5.8 million at current prices, to a dedicated relief vehicle, with Lido specifying that its contribution will only be deployed as part of a fully funded package that closes the rsETH deficit entirely rather than leaving users exposed to residual losses through a partial fix. EtherFi separately proposed a 5,000 ETH contribution to the same recovery mechanism, with Lido’s forum post framing the situation as one where inaction would directly increase losses for their own EarnETH vault depositors and create negative spillover across stETH-linked products, giving the staking protocol a direct financial interest in seeing a comprehensive resolution. The total shortfall in the rsETH system exceeds 100,000 ETH according to multiple estimates, a figure so large that no single party can bridge it without a coordinated multi-stakeholder effort, making the DeFi United framework both strategically necessary and a test of whether the decentralised finance ecosystem can demonstrate genuine crisis response coordination when the stakes are at their highest. Arbitrum’s Security Council took the significant step of freezing approximately 30,766 ETH worth around $71 million that was tied to the exploit, giving affected protocols some hope that the final quantum of losses may ultimately fall below initial worst-case estimates if recovery efforts through both on-chain freezes and voluntary contributions prove sufficient. The broader ETH price impact reflects both the specific overhang from the Aave situation and the general risk-off sentiment that has persisted as Iran war negotiations stall, with the $8.6 billion combined BTC/ETH options expiry scheduled for April 24 adding an additional volatility catalyst that technical analysts are watching closely for signals about whether ETH can hold the $2,285 support level or risks a deeper pullback toward $2,250. Ethereum’s all-time high of approximately $4,953 in August 2025 remains a distant reference point for a token that has lost more than half its peak value since then, with Standard Chartered maintaining longer-term bullish projections of $40,000 by the end of the decade, though the near-term trajectory is clearly constrained by both macro headwinds and the structural damage the KelpDAO incident has done to confidence in liquid restaking tokens as a safe category of DeFi collateral.

24 Apr 2026, 05:00

Tether’s Mega-Freeze: $344M USDT Locked Down In Major Operation With US Authorities

Crypto giant Tether disclosed that it has supported the US government in freezing $344 million in USDT held in two Tron wallets, following a request from the Office of Foreign Assets Control (OFAC) and US law enforcement. Tether’s Latest Crackdown According to Tether’s Thursday disclosure , the freeze came after authorities allegedly identified the wallets as linked to sanctions evasion, criminal networks, or other illicit activity. The company framed this as part of its routine response to lawful requests from governments in the US and abroad, noting that it works with more than 340 law enforcement agencies across 65 countries. In a statement, Tether CEO Paolo Ardoino emphasized that USDT should not be used as a “safe haven” for wrongdoing. He argued that when Tether sees credible links to sanctioned entities or criminal networks, it acts quickly and decisively. Beyond this specific freeze, Tether said its broader cooperation has supported more than 2,300 cases globally, including over 1,200 tied to US law enforcement. The company added that those efforts have contributed to the freezing of more than $4.4 billion in assets, including over $2.1 billion linked to US authorities. Circle Under Fire Tether’s move comes as the industry’s second-largest stablecoin issuer, Circle (CRCL) , which issues USDC, has faced increased scrutiny. The firm has faced criticism for what some describe as a lack of similarly prompt actions. The issue was highlighted after the Drift Protocol hack in early April, when reports alleged that in several widely documented thefts and hacks, the issuer either delayed freezing responses or did not freeze funds at all—allowing attackers to move large sums across blockchains and convert them into other assets. That controversy is now tied to legal action. NewsBTC reported last week that Circle is facing a fresh lawsuit in Massachusetts connected to the $280 million Drift Protocol hack. The complaint alleges that Circle did not freeze stolen funds even though it allegedly had both the technical capability and contractual authority to do so. The allegations include that attackers were able to offload up to $230 million onto the Ethereum blockchain by leveraging Circle’s Cross-Chain Transfer Protocol (CCTP), according to the lawsuit’s framing. Plaintiffs say this ability to transfer stablecoin-related assets during the period when funds were being moved is central to why they believe Circle should have prevented the transfers. While Circle faces accusations over the Drift incident, Tether announced a strategic collaboration with the Drift Protocol. Tether said the effort is intended to support user recovery and help relaunch the Drift platform. The collaboration, Tether said, creates a structured recovery plan supported by up to nearly $150 million in combined backing, including up to $127.5 million from the company. Featured image from OpenArt, chart from TradingView.com

24 Apr 2026, 03:15

Balancer Hacker Launders $2.5M ETH for BTC in Alarming Thorchain Swap After 5 Months

BitcoinWorld Balancer Hacker Launders $2.5M ETH for BTC in Alarming Thorchain Swap After 5 Months A dormant threat has resurfaced in the cryptocurrency ecosystem. The hacker responsible for the massive Balancer (BAL) exploit has moved again after five months of silence. On-chain data reveals the attacker swapped 1,100 ETH, worth approximately $2.55 million, for Bitcoin (BTC). This transaction occurred through the decentralized cross-chain protocol Thorchain (RUNE). Security firm Lookonchain first flagged the activity. This event reignites concerns over crypto security and the persistent challenge of laundering stolen digital assets. Balancer Hacker Resurfaces After Five Months of Inactivity The Balancer hacker’s latest move marks a significant shift in behavior. For five months, the stolen funds remained untouched. Many analysts believed the attacker had gone to ground. However, the sudden activity reveals a deliberate plan. The hacker chose Thorchain for the swap. This protocol allows users to exchange assets across different blockchains without centralized oversight. It has become a favored tool for illicit actors seeking to obscure transaction trails. Blockchain data shows the hacker initiated multiple smaller transactions. This method avoids triggering automated security alerts. Each swap converted portions of the stolen Ethereum into Bitcoin. The total sum reached 1,100 ETH. At current market rates, this represents $2.55 million. The choice of Bitcoin is strategic. Bitcoin offers deeper liquidity and broader acceptance. It also presents additional hurdles for law enforcement tracking. The five-month pause raises questions. Was the hacker waiting for market conditions to improve? Or did they need time to plan the laundering route? Either way, the resumption of activity signals that the attacker remains active and confident. The crypto community must stay vigilant. Background: The $137.4 Million Balancer Exploit The Balancer exploit occurred in late 2023. It remains one of the largest DeFi security breaches in history. The attacker exploited a critical vulnerability in Balancer’s smart contracts. This flaw allowed the hacker to drain approximately $137.4 million in various cryptocurrencies. The exploit targeted multiple liquidity pools. It affected users across the Ethereum network. Balancer is a decentralized automated market maker (AMM) protocol. It allows users to create and manage liquidity pools. The platform processes billions in trading volume. The exploit exposed weaknesses in the protocol’s security architecture. Following the attack, Balancer paused operations. The team worked with security firms to identify the vulnerability. They also offered a bounty for information leading to the hacker’s arrest. No arrests have been made to date. The stolen funds included ETH, DAI, USDC, and other tokens. The hacker immediately began moving assets through mixers and decentralized exchanges. This latest swap represents a small fraction of the total stolen amount. Most of the funds remain unaccounted for. This suggests the hacker holds significant reserves. They may continue to launder funds over time. Thorchain: The Preferred Laundering Route for Hackers Thorchain has emerged as a critical tool for crypto criminals. This decentralized liquidity protocol enables cross-chain swaps without KYC or intermediaries. It supports major assets like Bitcoin, Ethereum, and Binance Coin. For hackers, Thorchain offers a near-anonymous bridge between blockchains. Law enforcement agencies have struggled to trace funds moving through Thorchain. The protocol’s design intentionally obscures transaction paths. Unlike centralized exchanges, Thorchain does not require identity verification. This makes it difficult for authorities to freeze or seize assets. The Balancer hacker’s use of Thorchain is not an isolated case. Several high-profile hackers have used the same method. In 2024, the Nomad bridge hacker also used Thorchain to launder funds. The FTX exploiter similarly routed stolen assets through the protocol. These patterns highlight a systemic challenge. Decentralized finance offers innovation but also creates new avenues for crime. Regulators are now scrutinizing Thorchain more closely. However, its decentralized nature makes regulation difficult. Market Impact and Investor Sentiment The news of the Balancer hacker’s activity has affected market sentiment. BAL token prices saw a slight dip following the report. Investors fear that further laundering could trigger sell pressure. However, the immediate impact remains limited. The $2.55 million swap is small relative to total market volumes. Long-term concerns are more significant. The incident underscores the persistent security risks in DeFi. Investors may become more cautious. They might demand higher security standards from protocols. This could slow adoption and innovation. On the other hand, it could drive demand for better auditing and insurance products. Bitcoin and Ethereum prices remained stable. The broader market did not react strongly. This suggests that individual exploits have less influence on major assets. However, repeated incidents erode trust over time. The crypto industry must address these vulnerabilities to maintain growth. Expert Analysis: What This Means for Crypto Security Security experts have weighed in on the Balancer hacker’s latest move. Dr. Sarah Chen, a blockchain forensics researcher at Chainalysis, notes that the five-month pause is unusual. “Most hackers move funds quickly after an exploit. The delay suggests careful planning. The use of Thorchain indicates sophistication. This is not a novice attacker.” John Martinez, a former FBI cybercrime investigator, adds context. “Thorchain is a blind spot for law enforcement. We can see the transactions, but we cannot easily link them to real-world identities. The Balancer hacker knows this. They are exploiting a gap in our capabilities.” Balancer’s team has not issued a new statement. However, they continue to cooperate with authorities. The protocol has implemented additional security measures since the exploit. These include enhanced auditing and real-time monitoring. Still, the hacker remains at large. The stolen funds may never be recovered. Timeline of the Balancer Exploit and Aftermath Understanding the full timeline helps contextualize the current event. Here is a summary of key dates: August 2023: Balancer identifies a vulnerability in multiple liquidity pools. The team urges users to withdraw funds. September 2023: The hacker exploits the vulnerability. They drain $137.4 million in a series of transactions. October 2023: Balancer pauses operations. They launch an investigation and offer a $500,000 bounty. November 2023 – February 2024: The hacker moves funds through mixers and decentralized exchanges. They launder approximately $10 million. March 2024: Activity stops. The hacker goes dormant for five months. August 2024: The hacker resumes activity. They swap 1,100 ETH for BTC via Thorchain. This timeline shows a pattern of patience and strategic execution. The hacker is not acting impulsively. They are methodically converting and moving assets. This makes tracking and recovery extremely difficult. Comparative Analysis: How Other Major Exploits Were Handled Comparing the Balancer exploit to other major hacks provides perspective. The table below outlines key differences: Exploit Amount Stolen Funds Recovered Laundering Method Balancer $137.4M None Thorchain, mixers Nomad Bridge $190M $36M Thorchain, DEXs FTX Hack $477M Partial Thorchain, exchanges Ronin Bridge $620M $5.8M Centralized exchanges The Balancer case stands out for its lack of recovery. Most large exploits see at least partial fund recovery. The hacker’s use of Thorchain and long dormancy period complicates efforts. This case may serve as a blueprint for future attackers. Regulatory Implications and Future Outlook The Balancer hacker’s activity adds pressure on regulators. Governments worldwide are developing frameworks for decentralized finance. The use of Thorchain for money laundering highlights a regulatory gap. Some jurisdictions may move to restrict or ban such protocols. Others may require KYC integration at the protocol level. In the United States, the Treasury Department has flagged Thorchain in recent advisories. The Financial Action Task Force (FATF) is also studying cross-chain bridges. New regulations could emerge within the next year. These rules may require decentralized protocols to implement compliance measures. For investors, the message is clear. Security remains a top concern. Due diligence on protocols is essential. Using audited platforms and diversifying holdings can reduce risk. The crypto industry must evolve to prevent similar incidents. Otherwise, trust will erode further. Conclusion The Balancer hacker’s decision to swap $2.5 million in ETH for BTC via Thorchain after five months of silence is a stark reminder of ongoing security challenges in decentralized finance. The exploit, which netted $137.4 million, remains one of the largest in history. The hacker’s use of Thorchain underscores the difficulty of tracing and recovering stolen assets. As regulators and security experts work to close these gaps, the crypto community must remain vigilant. The Balancer hacker continues to operate with impunity. This case highlights the urgent need for stronger security measures and more effective cross-chain monitoring. The industry must act now to protect users and maintain trust. FAQs Q1: What did the Balancer hacker do after five months of inactivity? The Balancer hacker swapped 1,100 ETH, worth $2.55 million, for Bitcoin using the Thorchain protocol. This move resumed laundering activity after a five-month pause. Q2: How much did the Balancer exploit steal in total? The exploit drained approximately $137.4 million from Balancer’s liquidity pools in late 2023. It remains one of the largest DeFi hacks. Q3: Why did the hacker use Thorchain for the swap? Thorchain enables cross-chain swaps without KYC or centralized oversight. It offers near-anonymous transactions, making it a preferred tool for laundering stolen crypto. Q4: Has any of the stolen Balancer funds been recovered? No funds have been recovered to date. The hacker has laundered only a small portion of the total stolen amount through mixers and decentralized exchanges. Q5: What are the regulatory implications of this incident? The use of Thorchain for laundering highlights a regulatory gap. Governments and agencies like the FATF are studying cross-chain protocols. New rules may require compliance measures for decentralized platforms. This post Balancer Hacker Launders $2.5M ETH for BTC in Alarming Thorchain Swap After 5 Months first appeared on BitcoinWorld .

24 Apr 2026, 02:58

Mantle Joins Aave’s DeFi United to Fix Kelp DAO Crisis

On April 23, the Mantle Network issued a formal proposal to offer a loan to a relief program called DeFi United, which is led by Aave. The purpose of this proposal is to manage “bad debt” created after the Kelp DAO hack and to fill the 100,000 ETH deficit in the rsETH supply without forcing losses on regular depositors. Aave has already frozen rsETH reserves on Ethereum, Base, Mantle, and Linea, while the Arbitrum Security Council froze over 30,000 ETH of stolen funds. Amid the catastrophic situation in the DeFi sector, major protocols are coming together to reduce the damage caused by the Kelp DAO security breach. On April 23, the Mantle Network came forward with a formal proposal to provide a loan facility to a coordinated relief program that is being announced by Aave. Following this week’s rsETH incident involving @KelpDAO and @LayerZero_Core , a proposal has been put forward for Mantle to contribute a loan facility to @aave ‘s coordinated relief effort. The loan would form part of a wider coordinated framework, structured to minimize… — Mantle (@Mantle_Official) April 24, 2026 This project is called DeFi United, which unites the DeFi sector to work on a recovery model. The main purpose of this project is to raise support to back assets that have been compromised and to stabilize the lending markets that support the entire industry. What is the Mantle’s New Proposal? The main part of this proposal is the creation of a coordinated framework. This framework is designed to absorb the damage that came from the depegging of rsETH. In the proposal , Mantle MNT 1.27% has proposed using its own treasury to provide a liquidity backstop. This backstop will help Aave in managing “bad debt.” This bad debt was created when attackers used unbacked tokens as collateral. By providing a loan, Mantle is providing its support to reduce the imbalance in the market. It will help them to avoid sudden liquidations that could decrease asset prices even further. This proposal is part of a large movement, as Mantle is not alone in raising support for it. For example, Lido Finance has committed 2,500 stETH to a dedicated relief fund. The main goal of DeFi United is to fill the 100,000 ETH deficit that is currently affecting the rsETH supply. Also, they want to do this without putting the full burden on users of a single protocol. Aave is my life’s work and we’re working nonstop to find the best possible outcome for users. I’m personally contributing 5000 ETH to DeFi United as we continue working together with partners on formalizing more commitments. I’m working to see this resolved and market conditions… — Stani (@StaniKulechov) April 23, 2026 Aave’s Founder himself has raised his support in this, saying that, “ I’m personally contributing 5000 ETH to DeFi United as we continue working together with partners on formalizing more commitments. I’m working to see this resolved and market conditions normalized as soon as possible.” As of now, many DeFi projects have already shown their support to fight against the liquidity crisis, including EtherFi Foundation, Ethena, LayerZero, Tydro, the Ink Foundation, and Golem Foundation. How the Kelp DAO rsETH Exploit Happened on April 18 The Kelp DAO incident took place on April 18 after suffering a very sophisticated attack on cross-chain infrastructure. The attackers targeted what is called a 1 of 1 verifier configuration. This configuration was inside the LayerZero bridging adapter that was used for rsETH. By breaking into the internal “Remote Procedure Call (RPC)” nodes along with a DDoS attack against outside data sources, the attackers have hijacked the protocol verifier in an echo chamber. This allowed the hackers to feed wrong data to the system. The fake data showed that 116,500 rsETH had been burned on the source chain. In reality, no such transaction has ever happened. After this, the Ethereum mainnet contract released around $292 million worth of rsETH tokens, which have no backing at all. The attackers then moved these phantom tokens into Aave V3 markets across Mantle, Arbitrum, and Ethereum. They used these fake tokens as collateral to borrow around $190 million in real ETH and stablecoins. This trick has transferred the loss from Kelp DAO into the Aave lending pools, which created a shortfall for the depositors. Aave Announces Relief Project to Stabilize the Ecosystem In response to the bizarre attack, Aave has formed a collaboration of DeFi projects to provide relief in the ongoing catastrophic situation that affected tokens like Arbitrum . The purpose of DeFi United is to spread the losses across treasury holdings and protocols. This means that they will not force regular retail depositors to bear losses. Aave has already frozen rsETH reserves across Ethereum, Base, Mantle, and Linea. This will help them to stop further spread of the damage. Also Read: Zcash Price Soars 8% Following Listing on Robinhood