20 articles tagged with #defi-hack. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.
LayerZero faces backlash over its response to the $290 million KelpDAO exploit, with the crypto community criticizing the protocol for shifting blame to KelpDAO's single-verifier configuration rather than addressing fundamental vulnerabilities in its own DVN infrastructure and RPC dependency.
A $290M hack of Kelp DAO's rsETH token via Layer Zero has triggered a $14B liquidity crisis across DeFi lending markets, with multiple platforms including Aave reaching full utilization as users rush to withdraw deposits and lenders face acute capital constraints.
A major cross-chain exploit has triggered a significant exodus from DeFi platforms, with billions in assets fleeing the ecosystem. The incident exposes structural vulnerabilities in decentralized finance infrastructure and reignites debate about systemic contagion risks across interconnected blockchain protocols.
Drift Protocol suspended all operations after a sophisticated six-month infiltration by a North Korean state-backed group culminating in an exploit on April 1, 2026. The attackers posed as a legitimate trading firm, conducted in-person meetings across multiple countries, and used three attack vectors including a silent code execution flaw in development tools.
Gravity Bridge, a Cosmos-based cross-chain bridge, suffered a $5.4 million security breach attributed to a compromised private key. The attacker extracted USDC, ether, tether, and PAYG tokens, subsequently laundering portions through exchange services ChangeNow and Binance, highlighting continued vulnerability in bridge infrastructure.
DxSale, a liquidity locker platform on BNB Chain, lost $7.3 million in BNB after attackers exploited a hidden backdoor in its smart contract to drain funds from over 1,400 liquidity providers. The incident highlights critical security vulnerabilities in DeFi infrastructure and raises concerns about contract auditing practices.
The Arbitrum Security Council has frozen $71 million in ETH stolen during the Kelp DAO exploit, with any movement of these funds requiring approval through Arbitrum's governance process. This action demonstrates the security council's ability to intervene in major exploits while maintaining decentralized oversight.
A $293 million DeFi exploit has been identified as the largest hack of 2026, raising critical questions about fund recovery and security protocols across decentralized finance platforms. The incident underscores persistent vulnerabilities in smart contract architecture and highlights the need for enhanced auditing standards within the DeFi ecosystem.
Bitcoin retreated from recent highs as traders monitored a CME futures gap while a DeFi exploit pressured altcoins and broader macro headwinds dampened market sentiment. The pullback reflects profit-taking and risk reassessment across cryptocurrency markets amid technical and fundamental concerns.
Kelp DAO's rsETH bridge suffered a $292 million exploit through a LayerZero-based attack, with the protocol's emergency multisig freezing core contracts within 46 minutes and blocking two additional exploitation attempts. The incident highlights critical vulnerabilities in cross-chain bridge infrastructure and the risks associated with LayerZero's messaging protocol.
Rhea Finance suffered a $7.6 million exploit through a sophisticated attack involving fake token contracts and manipulated liquidity pools that deceived the protocol's Oracle mechanisms. The attackers extracted funds by creating artificial liquidity traps, prompting Rhea Finance to pause all contracts while investigating the incident with security partners.
An attacker exploited a vulnerability in a cross-chain bridge contract by forging a state proof message to gain admin control over bridged Polkadot (DOT) tokens on Ethereum. Despite minting $1 billion in fake tokens, the attacker only managed to extract approximately $250,000 in value before liquidity constraints and market impact limited further sales.
Resolv Labs burned 36.7 million USR stablecoins after a security breach allowed an attacker to mint 80 million unbacked tokens through key compromise. The exploit resulted in $24.5 million in ETH being dumped and created a $34 million hole in the protocol's reserves.
A crypto attorney suggests the $280 million Drift Protocol attack may constitute civil negligence. The security breach is believed to have been conducted by threat actors with ties to North Korean state-affiliated hacking groups.
Resolv protocol suffered a $25M loss when attackers minted 80M USR tokens illegally by compromising their off-chain signing infrastructure through a contractor's compromised GitHub credentials. The attack occurred on March 22, 2026, with approximately 46M of the illicitly minted tokens later neutralized through burns and blacklisting measures.
Drift Protocol suffered a $280 million exploit that required months of deliberate preparation by sophisticated attackers. The protocol believes with medium-high confidence that the same actors behind the $58 million Radiant Capital hack in October 2024 were responsible for this attack.
Solana founder expressed shock at a major DeFi hack involving Drift protocol, describing it as 'terrifying' and representing one of the largest DeFi exploits in history. The incident highlights escalating security vulnerabilities in the DeFi space beyond typical smart contract bugs and phishing attacks.
Venus Protocol suffered a $3.7 million exploit where an attacker manipulated Thena tokens to bypass the platform's maximum supply cap restrictions. The threat actor was able to borrow multiple digital assets by exploiting this vulnerability in the protocol's supply cap mechanism.
BONK.fun's team account was compromised by hackers who deployed a wallet drainer on the platform. The security breach further worsens BONK.fun's already declining market position and exposes critical vulnerabilities in decentralized platform security.
Foom Cash suffered a $2.26 million exploit due to a Groth16 verifier misconfiguration. A white hat hacker was able to recover $1.84 million of the stolen funds, limiting the total loss to approximately $420,000.
