Imagine Kelp DAO as a massive bridge that helps people move their special rsETH tokens across different blockchains. The hackers found a weak spot in the bridge’s security system specifically a private key leak or a flaw in how the bridge verifies transactions.
The hackers used this flaw to "trick" the system into thinking they had assets they didn't actually own. They minted fake or unbacked rsETH and then rushed over to Aave—the world’s biggest crypto bank—to use that fake money as collateral.
📉 WHY AAVE WENT DOWN (BUT NOT REALLY)
The hackers deposited the exploited rsETH into Aave and borrowed real ETH against it as fast as they could. When big investors like Justin Sun saw this they panicked and started pulling their money out. Over $5.4 billion was withdrawn from Aave in a matter of hours.
Because so much ETH was borrowed by the hacker or withdrawn by panicking users the "utilization rate" hit 100%. This means there is currently zero ETH left in the pool for others to borrow or withdraw. $AAVE isn't "broken" but it is stuck until people pay back their loans or the protocol finds a way to fix the bad debt.
🔄 LATEST UPDATE AS OF APRIL 20 2026
Kelp DAO Actions: They have officially paused all rsETH contracts across mainnet and all Layer 2 networks to stop more money from leaving.
The Investigation: Security teams are currently looking at whether the mistake was a leaked private key or a failure in the LayerZero verification system.
Aave Status: The platform is still functional for other assets but ETH withdrawals are currently blocked for many because the pool is empty.
STAY SAFE AND WATCH YOUR COLLATERAL #KelpDAO #AAVE #DeFi #CryptoNewss #SecurityAlert
