Back

Kelp DAO Exploit: $293 Million Drain Triggers DeFi Contagion

Severity: High (Score: 66.2)

Sources: Odaily.News, Bitget, Bloomberg, www.coindesk.com, Cryptopotato

Summary

On April 18, 2026, Kelp DAO's LayerZero-powered cross-chain bridge was exploited, resulting in the theft of 116,500 rsETH, valued at approximately $293 million. The attacker utilized a forged cross-chain message to trick the bridge into releasing the funds to an attacker-controlled address. This exploit represents about 18% of rsETH's circulating supply and has caused significant disruption across the DeFi ecosystem, impacting at least nine other platforms, including Aave, which froze its rsETH markets to prevent further losses. The stolen funds were quickly converted into ETH, raising concerns about the backing of rsETH on various networks. Kelp DAO has paused its contracts while investigating the incident and coordinating with security experts. The attack highlights vulnerabilities in cross-chain bridge infrastructure and the interconnectedness of DeFi protocols. Key Points: • Kelp DAO lost $293 million in a cross-chain bridge exploit on April 18, 2026. • The attacker used a forged message to drain 116,500 rsETH, impacting multiple DeFi platforms. • Aave and other protocols froze rsETH markets to contain the fallout from the exploit.

Key Entities

  • Data Breach (attack_type)
  • Malware (attack_type)
  • Aave (platform)
  • LayerZero (platform)
  • Blast (platform)
  • Compound (platform)
  • Linea (platform)
  • Compound Finance (company)
  • CoW Swap (company)
  • Drift Protocol (company)
  • Euler (company)
  • Fluid (company)
  • Drift (campaign)
  • Kelp (apt_group)
  • North Korea (country)
  • dlnews.com (domain)
  • Tornado Cash (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed