Decentralized finance (DeFi) infrastructure was rocked this weekend as Kelp DAO, a liquid restaking protocol, fell victim to a massive exploit resulting in the loss of approximately $292 million. The attack, which targeted a cross-chain bridge built on LayerZero, has sent shockwaves through the crypto ecosystem, leading to emergency measures by major platforms like Aave.
The incident occurred on Saturday when attackers exploited a vulnerability in Kelp DAO’s bridge, which utilizes LayerZero technology to facilitate communication between different blockchains. This allowed the hackers to drain a significant portion of the protocol’s rsETH reserves. Kelp DAO confirmed the suspicious cross-chain activity and promptly paused its rsETH contracts to investigate.
The interconnected nature of DeFi meant that the exploit quickly spread. rsETH, used across various decentralized applications as collateral or liquidity, became a point of contagion. Major DeFi lending protocol Aave, along with SparkLend and Fluid, froze their rsETH markets to prevent further damage and assess the situation. Aave’s founder reassured users that Aave’s own contracts were not compromised but that the freeze was a precautionary measure.
The price of Aave’s native token, AAVE, saw a notable drop following the news. Other DeFi-related tokens also experienced declines as the market reacted to the potential for bad debt and systemic risk.
This exploit is the latest in a series of significant hacks targeting the DeFi space in 2026. It follows a $285 million hack on the Solana-based Drift Protocol earlier in April, which has been linked to North Korean actors. The DeFi community remains on high alert as cybercriminals continue to find new ways to exploit vulnerabilities in the rapidly evolving decentralized financial landscape.