yellow bottom left star road

Wasabi Protocol Drained Of $4.5M After Attackers Seized Single Admin Key

Murtuza Merchant13 hours ago

#Hackers #Wasabi Protocol

Wasabi Protocol Drained Of $4.5M After Attackers Seized Single Admin Key

Perpetuals platform Wasabi Protocol lost roughly $4.5 million on Thursday after attackers compromised an admin key controlling its Ethereum (ETH) and Base vault contracts.

Wasabi Exploit Details

The breach was first flagged by security firm Blockaid, which traced the loss to a deployer wallet that held the sole ADMIN_ROLE in Wasabi's permission system.

The attacker called grantRole on that contract, handed admin rights to a helper contract, and pushed a UUPS upgrade on the perp vaults and LongPool. Malicious implementations then drained balances across both chains.

Affected pools included wWETH, sUSDC, wBITCOIN, wPEPE and Long Pool vaults on Ethereum, alongside sUSDC, sBTC, sAERO and others on Base, CertiK reported. Wasabi held no timelock or multisig over the admin role.

Also Read: Standard Chartered Says DeFi's $300M Rescue After KelpDAO Hack Could Become Its 'Antifragile Moment'

Single-Key Risk Repeats

Analysts say the playbook is familiar. The attack closely tracks the April 1 breach at Drift Protocol, where a compromised admin key drained $285 million on Solana (SOL) in roughly 12 minutes.

Weeks later, Kelp DAO lost $292 million through a single-verifier flaw in its LayerZero bridge.

April alone has now produced more than $605 million in DeFi losses across at least 12 incidents, lifting the 2026 tally past $770 million. Smaller breaches at CoW Swap, Grinex, Resolv Labs and Volo Protocol have piled on through the same month.

Read Next: Ultima Token Posts $11.4M Daily Volume As Price Holds Near $2,965

Disclaimer and Risk Warning: The information provided in this article is for educational and informational purposes only and is based on the author's opinion. It does not constitute financial, investment, legal, or tax advice. Cryptocurrency assets are highly volatile and subject to high risk, including the risk of losing all or a substantial amount of your investment. Trading or holding crypto assets may not be suitable for all investors. The views expressed in this article are solely those of the author(s) and do not represent the official policy or position of Yellow, its founders, or its executives. Always conduct your own thorough research (D.Y.O.R.) and consult a licensed financial professional before making any investment decision.

Related News

Volo Protocol Bleeds $3.5M In Sui Vault Raid Amid DeFi Carnage

Volo Protocol, a liquid staking platform on Sui, said an attacker drained about $3.5 million from three of its vaults on Wednesday. Inside the Volo B

How Attackers Turned $500 Into $285M: The Drift Hack Breakdown

A sophisticated exploit targeting Drift Protocol appears to have drained an estimated $285 million after an attacker manipulated oracle pricing using

SwapNet Loses $13.43M In Smart Contract Exploit

SwapNet, a decentralized exchange aggregator, lost approximately $13.43 million in cryptocurrency assets after attackers exploited a compromised route

Every DeFi Trader Is Watching This Kelp $292M DAO Exploit — Here's Why It Changes Lending

A single exploit against Kelp DAO's LayerZero-powered bridge has turned into the largest DeFi loss of 2026, with the attacker draining roughly 116,500

Balancer DeFi Protocol Hit by $70M Exploit as Attackers Drain Ethereum Vaults

Balancer, one of the largest decentralized finance protocols with over $750 million in total value locked, has become the latest victim of a sophistic

Related Research Articles

Biggest Crypto Exploits Of 2025–2026: What Really Went Wrong

Crypto hacks in 2025 and early 2026 exceeded every prior annual record by dollar value, with losses reaching as high as $3.4 billion across a landscap

Web3's Security Crisis In 2026: Why The Biggest Hacks Are No Longer Just Smart-Contract Bugs

The crypto industry lost a record $3.4 billion to hacks in 2025, yet the defining story is not about buggy Solidity code. It is about compromised deve

Lazarus And The Kelp Hack: How North Korea’s Crypto Heist Machine Keeps Evolving

On Saturday, Apr. 18, a cross-chain bridge run by Kelp DAO quietly bled 116,500 rsETH. By Monday, LayerZero had a name for the attackers. Not a new on

Claude Mythos And Crypto: What The New AI Threat Means For Trading

Anthropic revealed Claude Mythos Preview on Apr. 7, 2026, as the most powerful AI model it has ever built, and the first it has explicitly refused to

Why DEX Exploits Cost $3.1B in 2025: Analysis of 12 Major Hacks

Lately the cryptocurrency world witnessed another devastating lesson in the fragility of decentralized finance. BunniDEX, a promising decentralized

Related Learn Articles

What Are DAO Tools & How to Choose? 2025 Platform Guide for Governance & Treasury Management

The decentralized autonomous organization ecosystem has undergone a profound transformation, evolving from experimental concepts to institutional-grad

Beginner's Guide To DeFi Lending: Step-by-Step Tutorial For Earning Passive Income With Crypto

DeFi lending platforms now hold more than $190 billion in total value locked, marking a shift from experimental yield farming to what increasingly res

How Crypto Bridges Actually Work - And Why They Keep Getting Hacked

The blockchain revolution has ushered in a new era of decentralized systems, where independent networks like Ethereum, Solana, Avalanche, and Bitcoin

Ethereum's Kohaku Framework Explained: How 2025's Privacy Upgrade Changes Wallet Security

Ethereum has long harbored a paradox that sits at the core of its identity: a network built on transparency that increasingly leaves its users exposed

DeFi Portfolio Protection: 10 Tips for Managing Risk in Your DeFi Investments

The decentralized finance (DeFi) ecosystem has transformed from a niche experiment to a sophisticated financial infrastructure managing hundreds of bi

Wasabi Protocol Drained Of $4.5M After Attackers Seized Single Admin Key | Yellow.com