Bootstrap Gallery
  1. Home
  2. Markets

DeFi Suffers $13 Billion Loss in 48 Hours Following KelpDAO Security Breach

A severe capital exodus has hit the decentralized finance ecosystem after the KelpDAO protocol was exploited over the weekend. Aave, a leading DeFi lending platform, has seen a substantial decline of $8.45 billion in deposits over the past two days, contributing to a broader $13.21 billion drop in total value locked across DeFi. The total value locked, which measures the combined dollar value of crypto assets deposited across DeFi protocols, decreased from $99.497 billion to $86.286 billion. Aave's total value locked declined by $8.45 billion to $17.947 billion during the same period, according to DefiLlama. Data from various protocols, including Euler, Sentora, and Aave, shows double-digit percentage drops, with significant losses in lending, restaking, and yield strategies tied to the affected collateral. The exploit, which involved a $292 million theft from Kelp's bridge, allowed attackers to use stolen rsETH as collateral to borrow funds on lending platforms. As these stolen tokens lacked legitimate collateral backing, borrowing against them created potential shortfalls for lenders, similar to depositing fake fiat in a traditional bank and taking out loans against it. In response, protocols froze affected markets, while panicked users withdrew funds, resulting in a broad decline in total value locked. Token prices, however, have not moved as sharply as deposits, with the AAVE token down about 2.5% over 24 hours and UNI and LINK down less than 1% over the same period. According to Peter Chung, head of research at Presto Research, the incident highlights the risks associated with cross-chain infrastructure, particularly in verification systems used by bridges. Early analysis suggests that the issue may have originated in the verification layer rather than in the smart contracts themselves. Chung also noted that the episode demonstrates how interconnected DeFi protocols can transmit shocks beyond the initial point of failure, with withdrawal activity and market freezes extending to platforms without direct exposure to the exploit.