DeFi Insurance Gap Exposes Billions to Rising Cyber Threats
Severity: High (Score: 65.2)
Sources: Bitget, coinedition.com
Summary
DeFi users are increasingly vulnerable to cyber attacks, with less than 2% of the total value locked in decentralized finance (DeFi) insured. Nexus Mutual founder Hugh Karp reports that uninsured lending protocols have lost $7.7 billion over six years, with over $600 million lost in April 2026 alone. The insurance market for DeFi remains small, with Nexus Mutual holding nearly all of the $123.5 million in total value locked, representing only 0.14% of the $83 billion DeFi market. Attackers have shifted focus from smart contract bugs to phishing, private key theft, and operational security failures, complicating risk assessment for insurers. The Kelp DAO exploit highlighted the limitations of current insurance coverage, as attackers manipulated a bridge mechanism to access real assets. Many users forgo insurance to maximize yield, leaving them exposed to significant losses. Experts suggest that the insurance model may need to evolve to better integrate protection into DeFi products.

Key Points:
- Less than 2% of DeFi's total value locked is insured, exposing users to significant risks.
- $7.7 billion lost to attacks in uninsured lending protocols over six years, with $600 million in April 2026 alone.
- Current insurance products struggle to cover emerging threats like phishing and operational failures.
Key Entities
- Phishing (attack_type)
- CertiK (company)
- DeFiLlama (company)
- Kelp DAO (company)
- Nexus Mutual (company)
- Financial (industry)
- T1566 - Phishing (mitre_attack)