KelpDAO Suffers Major Exploit, 116,500 rsETH Siphoned
KelpDAO’s Layerzero V2 rsETH route fell victim to a significant hack on April 2026, resulting in the theft of 116,500 rsETH from the Ethereum network via Aave’s OFT adapter. The incident underscores vulnerability in cross-chain bridges, as highlighted by Llamarisk, potentially exposing Aave V3 markets to substantial bad debt implications.
Following the exploit, the illicitly obtained rsETH was used by the attacker as collateral in both Aave V3 and V4 markets on Ethereum and Arbitrum, leading to borrowings of 52,834 WETH on Ethereum, along with 29,782 WETH and 821 wstETH on Arbitrum. Aave’s founder, Stani Kulechov, confirmed the action was taken within hours of the incident, freezing the rsETH markets on both platforms to prevent further borrowing and deposits.
Aave Responds to the Crisis
Aave promptly reacted to the exploit by freezing all rsETH markets, eliminating the token’s borrowing power. This precautionary step aimed to mitigate potential further losses. Kulechov shared updates on X, stating that the Aave community would later discuss whether to delist rsETH entirely across all markets once the immediate repercussions were assessed.
This incident marks the latest in a series of vulnerabilities seen with decentralized finance (DeFi) solutions, raising alarms about liquidity management and security resilience in the face of advanced hacking techniques. Market analysts stress that such events can trigger wider financial implications for both users and liquidity providers in the ecosystem.
Market sentiment rapidly shifted as Aave grappled with a new wave of instability. It follows a troubling history of DeFi exploits, where inadequate security measures can lead to significant financial losses. In recent months, the DeFi sector has seen heightened scrutiny from regulatory bodies, particularly surrounding the governance and risk management practices of protocols like Aave and KelpDAO.
Future Outlook for Aave and KelpDAO
The exploit has sparked an urgent call for enhanced security audits and a review of existing protocols across decentralized finance platforms. Analysts predict that tighter security protocols and the creation of explicit limits on collateral for cross-chain bridges will become priority discussions within major DeFi communities as the fallout continues. Aave’s planned community dialogue over the fate of rsETH could further influence liquidity strategies across Ethereum networks.
Overall, the hacking incident cements concerns regarding the susceptibility of cross-chain bridges and DeFi models to sophisticated hacking attempts by organized entities, including potentially state-sponsored actors. Recent investigations have suggested ties between North Korean hacking groups and a spate of major cyber heists within the cryptocurrency industry. The implications of such thefts could be felt across the entire crypto market, challenging regulatory bodies to respond effectively amidst growing pressure to safeguard investor assets.
