#rseth
rseth
12,442 views
56 Discussing
Hot
Latest
Kelp DAO just turned a protocol exploit into a full-blown DeFi stress event.
On April 18, 2026, attackers drained roughly $290M–$293M tied to rsETH, making it one of the biggest DeFi exploits of the year. Kelp flagged “suspicious cross-chain activity,” paused rsETH contracts across Ethereum mainnet and several L2s, and the blast radius quickly spread across lending markets.
What makes this hit harder is the mechanism. LayerZero says the protocol itself was not exploited; instead, the attacker allegedly poisoned downstream RPC infrastructure used by LayerZero Labs’ DVN, and Kelp’s 1-of-1 DVN setup left rsETH exposed as a single point of failure. LayerZero says it had recommended a multi-DVN configuration, while Kelp has publicly pushed back on where responsibility sits. 
The real damage was not just the theft. Aave said its own contracts were not exploited, but it still froze affected markets because of the rsETH bridge incident. Reports since then say the event triggered heavy withdrawals, bad debt concerns, and a sharp drop in DeFi confidence far beyond Kelp itself. 
This is why the story feels bigger than a hack headline: the code did not need to break for trust to break. In DeFi, one weak cross-chain assumption can turn yield into panic in a matter of hours.
#KelpDAO
#defi
#CryptoHack
#rseth
#Web3Security
On April 18, 2026, attackers drained roughly $290M–$293M tied to rsETH, making it one of the biggest DeFi exploits of the year. Kelp flagged “suspicious cross-chain activity,” paused rsETH contracts across Ethereum mainnet and several L2s, and the blast radius quickly spread across lending markets.
What makes this hit harder is the mechanism. LayerZero says the protocol itself was not exploited; instead, the attacker allegedly poisoned downstream RPC infrastructure used by LayerZero Labs’ DVN, and Kelp’s 1-of-1 DVN setup left rsETH exposed as a single point of failure. LayerZero says it had recommended a multi-DVN configuration, while Kelp has publicly pushed back on where responsibility sits. 
The real damage was not just the theft. Aave said its own contracts were not exploited, but it still froze affected markets because of the rsETH bridge incident. Reports since then say the event triggered heavy withdrawals, bad debt concerns, and a sharp drop in DeFi confidence far beyond Kelp itself. 
This is why the story feels bigger than a hack headline: the code did not need to break for trust to break. In DeFi, one weak cross-chain assumption can turn yield into panic in a matter of hours.
#KelpDAO
#defi
#CryptoHack
#rseth
#Web3Security
KelpDAO’s exploit lit the fuse, and DeFi felt the blast.
The attack drained about $293M in rsETH, but the real damage spread fast — Aave lost roughly $15B in supplied deposits as capital rushed for the exits. This was more than a hack. It was a stress test for trust, liquidity, and DeFi risk itself.
#AAVE #KelpDAO #DeFiCrisis #crypto #rsETH
The attack drained about $293M in rsETH, but the real damage spread fast — Aave lost roughly $15B in supplied deposits as capital rushed for the exits. This was more than a hack. It was a stress test for trust, liquidity, and DeFi risk itself.
#AAVE #KelpDAO #DeFiCrisis #crypto #rsETH
⚠️ DeFi Alert: Major impact on Kelp DAO & Aave!
The DeFi sector is currently experiencing a challenging situation. Kelp DAO's rETH exploit has created panic in the market, directly impacting the Aave protocol.
Situational Report:
Aave has released a report outlining two potential financial scenarios:
Scenario 1: If losses are distributed equally among all rETH holders, the total loss could be approximately $123 million.
Scenario 2: If the impact is limited to Layer 2 solutions only, the loss could increase to $230 million.
Why is this important?
This all depends on the "allocation decisions" made by Kelp DAO. This situation highlights the importance of risk management and strategic decision-making in DeFi projects. When centralized oversight is lacking, such exploits can severely impact the protocol's liquidity and stability.
Investor Takeaway:
High returns in DeFi protocols also come with risks. Understanding a project's security audits and risk mitigation plans before investing in them is crucial today.
Stay tuned for these complex market updates and regular insights on DeFi security.
$AAVE $PIEVERSE $RAVE
#defi #Aave #KelpDAO #rseth #CryptoSecurity #Blockchain #RiskManagement #CryptoNews #FinancialStability
The DeFi sector is currently experiencing a challenging situation. Kelp DAO's rETH exploit has created panic in the market, directly impacting the Aave protocol.
Situational Report:
Aave has released a report outlining two potential financial scenarios:
Scenario 1: If losses are distributed equally among all rETH holders, the total loss could be approximately $123 million.
Scenario 2: If the impact is limited to Layer 2 solutions only, the loss could increase to $230 million.
Why is this important?
This all depends on the "allocation decisions" made by Kelp DAO. This situation highlights the importance of risk management and strategic decision-making in DeFi projects. When centralized oversight is lacking, such exploits can severely impact the protocol's liquidity and stability.
Investor Takeaway:
High returns in DeFi protocols also come with risks. Understanding a project's security audits and risk mitigation plans before investing in them is crucial today.
Stay tuned for these complex market updates and regular insights on DeFi security.
$AAVE $PIEVERSE $RAVE
#defi #Aave #KelpDAO #rseth #CryptoSecurity #Blockchain #RiskManagement #CryptoNews #FinancialStability
The **Kelp DAO exploit** is currently the largest DeFi hack of 2026, totaling nearly **$293 million**. Here is a professional post draft for Binance Square that breaks down the situation and the recent "freeze" actions.
## 🚨 Market Alert: The Kelp DAO Exploit & The "Freeze" Response
The DeFi community is reeling from a sophisticated **$293 million** exploit targeting **Kelp DAO (@KelpDAO)**. This incident, attributed to the Lazarus Group, has triggered a massive contagion event across the ecosystem.
### 🔍 What Happened?
The attack targeted a vulnerability in the verification process between Kelp DAO and the **LayerZero** protocol. By exploiting a "1-of-1 verifier" setup and using a DDoS attack to isolate RPC nodes, the hackers successfully minted **116,500 rsETH** without backing.
### ❄️ The Strategic Freeze
To prevent further damage and bad debt, major protocols have taken emergency measures:
* **Arbitrum Security Council:** In a historic move, they successfully **froze 30,766 ETH (~$71M)** held in an address linked to the exploit. These funds are now moved to a locked wallet pending a governance vote.
* **Lending Protocols:** Platforms like **Aave, SparkLend, and Fluid** have frozen their rsETH markets. This was crucial as the attacker had already deposited stolen tokens as collateral to borrow nearly $190M in real assets.
* **Contract Pause:** Kelp DAO successfully paused their contracts in time to block a second attempt to drain an additional **40,000 rsETH**.
### 📉 Ecosystem Impact
* **Aave** saw a nearly **$8 Billion drop in TVL** as users reassessed risk.
* **$PIXEL** and other Web3 assets are being closely watched for side-effect volatility.
* This event highlights the critical need for **decentralized verification** over 1-of-1 configurations.
Stay vigilant and monitor your positions in restaking protocols. 🛡️
#KelpDAOExploitFreeze #DeFiSecurity #LazarusGroup #rsETH $ETH
$ARB
## 🚨 Market Alert: The Kelp DAO Exploit & The "Freeze" Response
The DeFi community is reeling from a sophisticated **$293 million** exploit targeting **Kelp DAO (@KelpDAO)**. This incident, attributed to the Lazarus Group, has triggered a massive contagion event across the ecosystem.
### 🔍 What Happened?
The attack targeted a vulnerability in the verification process between Kelp DAO and the **LayerZero** protocol. By exploiting a "1-of-1 verifier" setup and using a DDoS attack to isolate RPC nodes, the hackers successfully minted **116,500 rsETH** without backing.
### ❄️ The Strategic Freeze
To prevent further damage and bad debt, major protocols have taken emergency measures:
* **Arbitrum Security Council:** In a historic move, they successfully **froze 30,766 ETH (~$71M)** held in an address linked to the exploit. These funds are now moved to a locked wallet pending a governance vote.
* **Lending Protocols:** Platforms like **Aave, SparkLend, and Fluid** have frozen their rsETH markets. This was crucial as the attacker had already deposited stolen tokens as collateral to borrow nearly $190M in real assets.
* **Contract Pause:** Kelp DAO successfully paused their contracts in time to block a second attempt to drain an additional **40,000 rsETH**.
### 📉 Ecosystem Impact
* **Aave** saw a nearly **$8 Billion drop in TVL** as users reassessed risk.
* **$PIXEL** and other Web3 assets are being closely watched for side-effect volatility.
* This event highlights the critical need for **decentralized verification** over 1-of-1 configurations.
Stay vigilant and monitor your positions in restaking protocols. 🛡️
#KelpDAOExploitFreeze #DeFiSecurity #LazarusGroup #rsETH $ETH
$ARB
MASSIVE $292M CRYPTO EXPLOIT: KELP DAO DRAINED! 🚨
The DeFi world is reeling today. Kelp DAO just suffered a catastrophic exploit, with hackers walking away with a staggering $292 million. This is now officially the largest crypto hack of 2026.
Here is what’s happening right now:
THE ATTACK: The bridge infrastructure for rsETH was targeted, allowing the attacker to drain nearly $300M in liquid restaking tokens in a matter of minutes.
DEFI CONTAGION: This isn't just a Kelp problem. Major lending protocols like Aave and SparkLend have already hit the "kill switch," pausing rsETH markets to stop the bleeding.
A BRUTAL APRIL: This comes only weeks after the $285M Drift Protocol hack. The total stolen in just the last 20 days is approaching half a billion dollars.
The rsETH peg is under extreme pressure. If you are holding or using rsETH as collateral, now is the time to monitor your positions closely.
DeFi security is being tested like never before. Is this a sophisticated state-sponsored attack, or have we found a fundamental flaw in the cross-chain bridge "stack"?
STAY ALERT: Scammers are already out in force with fake "Refund" and "Claim" links. Do NOT click anything that isn't from a verified official source. 🛡️
#CryptoNews #DeFi #KelpDAO #rseth #CryptoHack #BlockchainSecurity #Ethereum✅ $ETH $XRP $BNB
The DeFi world is reeling today. Kelp DAO just suffered a catastrophic exploit, with hackers walking away with a staggering $292 million. This is now officially the largest crypto hack of 2026.
Here is what’s happening right now:
THE ATTACK: The bridge infrastructure for rsETH was targeted, allowing the attacker to drain nearly $300M in liquid restaking tokens in a matter of minutes.
DEFI CONTAGION: This isn't just a Kelp problem. Major lending protocols like Aave and SparkLend have already hit the "kill switch," pausing rsETH markets to stop the bleeding.
A BRUTAL APRIL: This comes only weeks after the $285M Drift Protocol hack. The total stolen in just the last 20 days is approaching half a billion dollars.
The rsETH peg is under extreme pressure. If you are holding or using rsETH as collateral, now is the time to monitor your positions closely.
DeFi security is being tested like never before. Is this a sophisticated state-sponsored attack, or have we found a fundamental flaw in the cross-chain bridge "stack"?
STAY ALERT: Scammers are already out in force with fake "Refund" and "Claim" links. Do NOT click anything that isn't from a verified official source. 🛡️
#CryptoNews #DeFi #KelpDAO #rseth #CryptoHack #BlockchainSecurity #Ethereum✅ $ETH $XRP $BNB
🚨 A $292M exploit just exposed a war between two of DeFi's biggest names and the blame game is getting ugly.
Kelp isn't staying quiet.
They're pointing the finger directly at LayerZero Labs.
Compromised RPC nodes.
A coordinated DDoS attack.
$292M in rsETH gone.
And Kelp's message is clear:
This wasn't us.
LayerZero's infrastructure was the entry point.
That's the claim on the table and it changes everything.
Because if a top-tier messaging protocol's nodes can be compromised at this scale...
No bridge is safe.
No cross-chain asset is safe.
Nothing built on top of compromised infrastructure is safe.
Aave is already in the room.
Recovery coordination is underway.
But here's what nobody's asking yet:
Who else was exposed during that DDoS window?
What other protocols were running through those same RPC nodes?
The April 18 incident wasn't just a hack.
It was a stress test that DeFi failed in public.
Watch this space. The counter-response from LayerZero will either restore confidence in the entire cross-chain ecosystem or crater it.
$292M is the headline.
The trust destruction is the real number.
#DeFi #Crypto #LayerZero #rsETH #CryptoSecurity
Kelp isn't staying quiet.
They're pointing the finger directly at LayerZero Labs.
Compromised RPC nodes.
A coordinated DDoS attack.
$292M in rsETH gone.
And Kelp's message is clear:
This wasn't us.
LayerZero's infrastructure was the entry point.
That's the claim on the table and it changes everything.
Because if a top-tier messaging protocol's nodes can be compromised at this scale...
No bridge is safe.
No cross-chain asset is safe.
Nothing built on top of compromised infrastructure is safe.
Aave is already in the room.
Recovery coordination is underway.
But here's what nobody's asking yet:
Who else was exposed during that DDoS window?
What other protocols were running through those same RPC nodes?
The April 18 incident wasn't just a hack.
It was a stress test that DeFi failed in public.
Watch this space. The counter-response from LayerZero will either restore confidence in the entire cross-chain ecosystem or crater it.
$292M is the headline.
The trust destruction is the real number.
#DeFi #Crypto #LayerZero #rsETH #CryptoSecurity
⚠️ Total Value Locked (TVL) in the Aave protocol has dropped by about $6.6 billion after hackers used $292 million worth of stolen rsETH tokens (from the Kelp bridge) as collateral in Aave V3.
Key details of the incident:
• The vulnerability was not in Aave's contracts themselves, but in the use of the stolen assets.
• Bad debts have accumulated to $196 million, concentrated in the (rsETH-wrapped ether) pair.
• Aave's Umbrella reserve may not be enough to cover the shortfall, putting stkAAVE holders at risk of bearing losses.
This incident highlights the systemic risks of Liquid Re-staking Tokens (LRT) in the DeFi sector.
#Aave #DeFi #CryptoNews #Ethereum #rsETH
Key details of the incident:
• The vulnerability was not in Aave's contracts themselves, but in the use of the stolen assets.
• Bad debts have accumulated to $196 million, concentrated in the (rsETH-wrapped ether) pair.
• Aave's Umbrella reserve may not be enough to cover the shortfall, putting stkAAVE holders at risk of bearing losses.
This incident highlights the systemic risks of Liquid Re-staking Tokens (LRT) in the DeFi sector.
#Aave #DeFi #CryptoNews #Ethereum #rsETH
⚠️ Total Value Locked (TVL) in the Aave protocol has dropped by about $6.6 billion after hackers used $292 million in stolen rsETH (from the Kelp bridge) as collateral in Aave V3.
Key details of the incident:
• The vulnerability was not in Aave's contracts themselves, but in the use of the stolen assets.
• Bad debt has accrued to the tune of $196 million, concentrated in the (rsETH-wrapped ether) pair.
• Aave's Umbrella reserve may not be enough to cover the shortfall, putting stkAAVE holders at risk of bearing losses.
This incident highlights the systemic risks of liquid re-staking tokens (LRT) in the DeFi sector.
#Aave #DeFi #CryptoNews #Ethereum #rsETH
Key details of the incident:
• The vulnerability was not in Aave's contracts themselves, but in the use of the stolen assets.
• Bad debt has accrued to the tune of $196 million, concentrated in the (rsETH-wrapped ether) pair.
• Aave's Umbrella reserve may not be enough to cover the shortfall, putting stkAAVE holders at risk of bearing losses.
This incident highlights the systemic risks of liquid re-staking tokens (LRT) in the DeFi sector.
#Aave #DeFi #CryptoNews #Ethereum #rsETH
🚨 BREAKING: $292M KELP DAO EXPLOIT — THE BIGGEST DeFi HACK OF 2026 🚨
The DeFi market just witnessed its most devastating exploit of the year. An attacker drained 116,500 rsETH (~$292M)— nearly 18% of rsETH's total circulating supply — by exploiting Kelp DAO's LayerZero-powered cross-chain bridge at 17:35 UTC on April 18.
🔍 HOW IT HAPPENED: ▪️ Attacker manipulated LayerZero's lzReceive function on the EndpointV2 contract ▪️ Forged a cross-chain message with NO source-chain burn record ▪️ Triggered the mainnet OFTAdapter to release 116,500 rsETH ▪️ Kelp's 1/1 DVN config (weakest LayerZero security tier) was the fatal weak link
💥 THE DOMINO EFFECT ON $AAVE: ▪️ Unbacked rsETH was deposited on Aave V3 → ~$236M in WETH borrowed ▪️ Since rsETH has ZERO backing now, positions are unliquidatable ▪️ Aave's ETH pool utilization = 100% → withdrawals frozen ▪️ $AAVE price crashed 10–13% in hours ▪️ Panic outflows triggered — Justin Sun pulled 65,584 ETH ($154M) alone
🛡️ CONTAGION SPREADING FAST: ✅ Aave froze rsETH markets on V3 & V4 ✅ SparkLend, Fluid, Compound, Euler — all froze rsETH exposure ✅ Lido paused earnETH deposits ✅ Ethena temporarily halted LayerZero OFT bridges ✅ Upshift paused High Growth ETH & Kelp Gain vaults
⚡ THE REAL TEST: This is the first live stress test of Aave's Umbrella safety module. If bad debt materializes, the Aave DAO must decide — absorb the loss or socialize it.
📉 KEY TAKEAWAY: Liquid Restaking Tokens (LRTs) are the most composable AND most fragile collateral in DeFi. When the backing breaks, everything downstream breaks with it.
Stay sharp. Manage exposure. Trust math, not narratives. 💎
#KelpDAOFacesAttack #DEFI #AAVE #rseth #LayerZero
The DeFi market just witnessed its most devastating exploit of the year. An attacker drained 116,500 rsETH (~$292M)— nearly 18% of rsETH's total circulating supply — by exploiting Kelp DAO's LayerZero-powered cross-chain bridge at 17:35 UTC on April 18.
🔍 HOW IT HAPPENED: ▪️ Attacker manipulated LayerZero's lzReceive function on the EndpointV2 contract ▪️ Forged a cross-chain message with NO source-chain burn record ▪️ Triggered the mainnet OFTAdapter to release 116,500 rsETH ▪️ Kelp's 1/1 DVN config (weakest LayerZero security tier) was the fatal weak link
💥 THE DOMINO EFFECT ON $AAVE: ▪️ Unbacked rsETH was deposited on Aave V3 → ~$236M in WETH borrowed ▪️ Since rsETH has ZERO backing now, positions are unliquidatable ▪️ Aave's ETH pool utilization = 100% → withdrawals frozen ▪️ $AAVE price crashed 10–13% in hours ▪️ Panic outflows triggered — Justin Sun pulled 65,584 ETH ($154M) alone
🛡️ CONTAGION SPREADING FAST: ✅ Aave froze rsETH markets on V3 & V4 ✅ SparkLend, Fluid, Compound, Euler — all froze rsETH exposure ✅ Lido paused earnETH deposits ✅ Ethena temporarily halted LayerZero OFT bridges ✅ Upshift paused High Growth ETH & Kelp Gain vaults
⚡ THE REAL TEST: This is the first live stress test of Aave's Umbrella safety module. If bad debt materializes, the Aave DAO must decide — absorb the loss or socialize it.
📉 KEY TAKEAWAY: Liquid Restaking Tokens (LRTs) are the most composable AND most fragile collateral in DeFi. When the backing breaks, everything downstream breaks with it.
Stay sharp. Manage exposure. Trust math, not narratives. 💎
#KelpDAOFacesAttack #DEFI #AAVE #rseth #LayerZero
⚡JUST IN: 0xQuit says the $AAVE situation is bad and getting worse.
Multiple pools have hit 100% utilization, leaving lenders stuck and unable to withdraw. The protocol risks even more bad debt following the KelpDAO rsETH incident (~$290–300M).
The WETH pool is especially affected. Umbrella is supposed to partially cover the hole, but there's still no clarity or official statement from the team.
The market wants answers: who will ultimately bear the losses?
DYOR and stay cautious with deposits on Aave.
#DeFi #Crypto #KelpDAO #rseth #BinanceSquare
Multiple pools have hit 100% utilization, leaving lenders stuck and unable to withdraw. The protocol risks even more bad debt following the KelpDAO rsETH incident (~$290–300M).
The WETH pool is especially affected. Umbrella is supposed to partially cover the hole, but there's still no clarity or official statement from the team.
The market wants answers: who will ultimately bear the losses?
DYOR and stay cautious with deposits on Aave.
#DeFi #Crypto #KelpDAO #rseth #BinanceSquare
😤 KelpDAO Hack Aftermath - $292M rsETH Exploit
The consequences are still unfolding:
🔴 rsETH markets frozen on Aave V3/V4, SparkLend, Fluid, and 9+ other protocols
🔴 Multiple DeFi platforms have paused LayerZero integrations as a precaution
🔴 MoveVM developers are pushing for a full migration to the MOVE language (local pump in related tokens)
KelpDAO and LayerZero are preparing a joint detailed report, but the community is unhappy with LayerZero’s 10-hour silence.
In a surprising move, Justin Sun publicly offered the hacker a deal: “How much do you want? Let’s just talk. It’s not worth sacrificing $AAVE and KelpDAO.
What do you think - will this exploit cause more contagion in DeFi or will the teams contain the damage quickly? Drop your thoughts below 👇
#KelpDAO #rseth #defi
The consequences are still unfolding:
🔴 rsETH markets frozen on Aave V3/V4, SparkLend, Fluid, and 9+ other protocols
🔴 Multiple DeFi platforms have paused LayerZero integrations as a precaution
🔴 MoveVM developers are pushing for a full migration to the MOVE language (local pump in related tokens)
KelpDAO and LayerZero are preparing a joint detailed report, but the community is unhappy with LayerZero’s 10-hour silence.
In a surprising move, Justin Sun publicly offered the hacker a deal: “How much do you want? Let’s just talk. It’s not worth sacrificing $AAVE and KelpDAO.
What do you think - will this exploit cause more contagion in DeFi or will the teams contain the damage quickly? Drop your thoughts below 👇
#KelpDAO #rseth #defi
Kelp restaking platform hit by $293M exploit
#Kelp has paused its #rsETH smart contracts after a cyberattack drained about $293 million from the platform. The exploit targeted a bridge-related component used to manage the restaking token.
According to Cyvers, the incident triggered wider disruption across multiple protocols, with at least nine platforms taking precautionary measures, including freezing related markets.
#Kelp has paused its #rsETH smart contracts after a cyberattack drained about $293 million from the platform. The exploit targeted a bridge-related component used to manage the restaking token.
According to Cyvers, the incident triggered wider disruption across multiple protocols, with at least nine platforms taking precautionary measures, including freezing related markets.
💥 The hacking of the Kelp DAO bridge triggered an outflow of $7.48 billion from the DeFi ecosystem in just 24 hours, with an 8.2% drop in the total value locked (TVL).
🏦 The impact was amplified in Aave, where the use of rsETH as collateral caused a liquidity run, massive withdrawals, and a temporary locking of funds amid the system's collapse.
⚠️ The episode exposes a structural fragility in DeFi, in a context where attacks are multiplying and market confidence is once again in doubt.
💸 The sending of 350,000 AAVE to exchanges following the Kelp DAO hack reflects increasing selling pressure and suggests that the market may still not have fully absorbed the impact of the event.
#AAVE #defi #rseth #KelpDAOFacesAttack #KelpDAO $AAVE @CoinMarketCap @Cointelegraph @CoinDesk
🏦 The impact was amplified in Aave, where the use of rsETH as collateral caused a liquidity run, massive withdrawals, and a temporary locking of funds amid the system's collapse.
⚠️ The episode exposes a structural fragility in DeFi, in a context where attacks are multiplying and market confidence is once again in doubt.
💸 The sending of 350,000 AAVE to exchanges following the Kelp DAO hack reflects increasing selling pressure and suggests that the market may still not have fully absorbed the impact of the event.
#AAVE #defi #rseth #KelpDAOFacesAttack #KelpDAO $AAVE @CoinMarketCap @Cointelegraph @CoinDesk
Login to explore more contents