Seasons
Leaderboard
News
Learn
Research
Ranking
Ecosystem
Wallet
yellow banner logo
TRADING
PLATFORM LIVE
GET STARTED
yellow shooting stars
background stars

Every DeFi Trader Is Watching This Kelp $292M DAO Exploit — Here's Why It Changes Lending

profile-murtuza-merchant
Murtuza Merchant12 hours ago
#Kelp DAO#DeFi#Ethereum
Every DeFi Trader Is Watching This Kelp $292M DAO Exploit — Here's Why It Changes Lending

A single exploit against Kelp DAO's LayerZero-powered bridge has turned into the largest DeFi loss of 2026, with the attacker draining roughly 116,500 rsETH worth around $292 million at 17:35 UTC on Saturday, then pushing the stolen tokens into Aave (AAVE), Compound and Euler (EUL) to extract hundreds of millions more in borrowed WETH.

Every major Ethereum (ETH) lending market is now running emergency freezes.

How The Attacker Fooled LayerZero

Kelp's bridge relies on LayerZero's cross-chain messaging layer to mint and release rsETH across more than twenty networks.

Investigators say the exploiter fed the bridge a forged instruction that looked like a valid message from another chain, which triggered it to release 116,500 rsETH to an attacker-controlled address.

On-chain sleuth ZachXBT was first to flag the outflow and confirmed the bridge never received the matching inbound transfer that was supposed to anchor the mint.

A Bad Debt Spiral On Aave V3

Within minutes of the mint, the attacker moved the stolen rsETH into Aave V3, Compound V3 and Euler as collateral and borrowed more than $236 million in WETH across the three markets.

Because the rsETH deposited was unbacked, the lending protocols were left holding collateral against an asset that no longer represented real restaked Ether.

Also Read: Why Does An Oil Lane 7,000 Miles Away Control The Bitcoin Price

Aave governance has already paused new rsETH deposits, and AAVE fell about 10% as the market priced in potential bad debt.

Twenty Chains Worth Of Stranded Wrapped Ether

rsETH circulates on more than twenty Layer 2s and sidechains, and the single-chain exploit has raised doubts about whether any of those wrapped supplies remain fully backed.

Fluid and SparkLend joined Aave in freezing rsETH markets within hours. Around 18% of the 630,000 rsETH circulating supply was lifted in one transaction, according to data cited by CoinDesk.

What You Should Watch Next

Kelp DAO's team has opened a 24-hour whitehat negotiation window and is coordinating with LayerZero on a post-mortem.

The immediate question is whether rsETH holders on non-Ethereum networks can be made whole, and whether Aave depositors absorb any portion of the bad debt.

The exploit also reopens a bigger debate inside DeFi, which is whether restaked Ether of any flavour should be accepted as blue-chip collateral at all.

Read Next: What Happens When the Most Powerful AI Gets Its Own Crypto Wallet

Disclaimer and Risk Warning: The information provided in this article is for educational and informational purposes only and is based on the author's opinion. It does not constitute financial, investment, legal, or tax advice. Cryptocurrency assets are highly volatile and subject to high risk, including the risk of losing all or a substantial amount of your investment. Trading or holding crypto assets may not be suitable for all investors. The views expressed in this article are solely those of the author(s) and do not represent the official policy or position of Yellow, its founders, or its executives. Always conduct your own thorough research (D.Y.O.R.) and consult a licensed financial professional before making any investment decision.
Related News
AI Is Making Crypto Hacks Cheaper Than Ever And Kelp DAO Just Proved It
6 hours ago
Ten years ago, a crypto exploit required a rare set of skills. You needed deep Solidity instincts, a working knowledge of bridge architecture and en
How Attackers Turned $500 Into $285M: The Drift Hack Breakdown
Apr 01, 2026
A sophisticated exploit targeting Drift Protocol appears to have drained an estimated $285 million after an attacker manipulated oracle pricing using
Resolv USR Crashes 72% After $25M Exploit
Mar 23, 2026
Resolv's USR stablecoin lost its dollar peg and crashed 72% to $0.27 after an attacker exploited a flaw in the protocol's minting contract to create r
Oracle Bug Wipes $1.78M From Moonwell Lending Platform
Feb 18, 2026
A misconfigured oracle on DeFi lending platform Moonwell briefly priced Coinbase Wrapped ETH (cbETH) at roughly $1 instead of its actual market value
$1M Moonwell Exploit Exposes Critical Oracle Vulnerabilities in DeFi Protocols
Nov 04, 2025
Decentralized finance platform Moonwell suffered a $1 million exploit on November 4, 2025, exposing critical vulnerabilities in how DeFi protocols rel
Related Research Articles
Biggest Crypto Exploits Of 2025–2026: What Really Went Wrong
Mar 23, 2026
Crypto hacks in 2025 and early 2026 exceeded every prior annual record by dollar value, with losses reaching as high as $3.4 billion across a landscap
Why DEX Exploits Cost $3.1B in 2025: Analysis of 12 Major Hacks
Oct 27, 2025
Lately the cryptocurrency world witnessed another devastating lesson in the fragility of decentralized finance. BunniDEX, a promising decentralized
Claude Mythos And Crypto: What The New AI Threat Means For Trading
Apr 15, 2026
Anthropic revealed Claude Mythos Preview on Apr. 7, 2026, as the most powerful AI model it has ever built, and the first it has explicitly refused to
Off-Chain Vs. On-Chain Trading: What Is Shifting Crypto From CEXs To DEXs?
Mar 25, 2026
Decentralized exchanges captured more than 20% of global spot crypto trading volume by late 2025, roughly triple their share from four years earlier,
Web3's Security Crisis In 2026: Why The Biggest Hacks Are No Longer Just Smart-Contract Bugs
Apr 10, 2026
The crypto industry lost a record $3.4 billion to hacks in 2025, yet the defining story is not about buggy Solidity code. It is about compromised deve
Related Learn Articles
Beginner's Guide To DeFi Lending: Step-by-Step Tutorial For Earning Passive Income With Crypto
Apr 04, 2026
DeFi lending platforms now hold more than $190 billion in total value locked, marking a shift from experimental yield farming to what increasingly res
What Are Crypto Loans And How Do They Work?
Apr 17, 2026
Crypto loans reached a record $73.6B in Q3 2025, and the mechanism behind them is simpler than most beginners expect — deposit cryptocurrency as colla
DeFi Insurance Reality Check: Can On-Chain Protection Actually Save Investors?
Sep 03, 2025
The decentralized finance revolution promised financial freedom, but it delivered something else entirely: $3.8 billion in losses from hacks and explo
How Do Synthetic Stablecoins Work? USDe, GHO, and crvUSD Explained
Oct 13, 2025
While fiat-backed tokens like USDC and USDT still dominate with their combined $250 billion market capitalization, a new category of dollar-tracking a
DeFi Portfolio Protection: 10 Tips for Managing Risk in Your DeFi Investments
Apr 27, 2025
The decentralized finance (DeFi) ecosystem has transformed from a niche experiment to a sophisticated financial infrastructure managing hundreds of bi
Every DeFi Trader Is Watching This Kelp $292M DAO Exploit — Here's Why It Changes Lending | Yellow.com