The $292 Million Kelp Hack: A DeFi Disaster Unfolds
A devastating $292 million hack has sent shockwaves through the cryptocurrency industry, exposing weaknesses in DeFi's infrastructure and sparking fears of a ripple effect across lending protocols. The attack, which occurred over the weekend, targeted Kelp's rsETH token, a yield-bearing version of ether, and manipulated the system to create large amounts of unbacked tokens. These tokens were then used as collateral to borrow and drain real assets from lending markets, primarily from Aave, the largest decentralized crypto lender. The incident is the latest in a string of high-profile hacks, including the $285 million exploit of Solana-based protocol Drift, which has further eroded investor trust in the nearly $90 billion crypto sector.
At its core, the exploit centered on a LayerZero bridge component, which enables assets to move across different blockchains. The system relied on a single-signer setup, meaning that only one entity could approve transactions, making it vulnerable to manipulation. The attacker was able to sign a message, allowing them to mint large amounts of rsETH, although it remains unclear how this access was obtained.
Once minted, the tokens were quickly deployed, with the attacker immediately depositing them in lending protocols, mostly Aave, and borrowing real ETH against them. This maneuver has left DeFi lending platforms holding collateral that may be difficult to unwind, while valuable and liquid assets have already been drained. As a result, Aave and other lending protocols may be sitting on hundreds of millions of dollars in questionable collateral and bad debt, raising concerns of a potential 'bank run' dynamic as users rush to withdraw funds. The incident has raised key questions about the security of DeFi's infrastructure and the potential for cascading failures across the system. While the attacker's identity remains unknown, the scale of the attack suggests a sophisticated actor.
The exploit has dealt a significant blow to trust in DeFi, with Ledger's CTO warning that 2026 will likely be the worst year on record for hacks. Despite this, some industry experts believe that DeFi will learn from this incident and emerge stronger, although the immediate losses and erosion of investor confidence will undoubtedly have a lasting impact on the sector.
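
To make the single-signer weakness described above concrete, the following added example (not code from Kelp, LayerZero or Aave) compares a 1-of-1 verifier policy with a 2-of-3 quorum when exactly one verifier key is outside its owner's control. The verifier names, keys and message format are constructed, and HMAC-SHA256 stands in for the signature scheme a real bridge would use.

```python
import hashlib
import hmac

# Constructed verifier keys (hypothetical names); HMAC stands in for real signatures.
VERIFIER_KEYS = {
    "verifier-a": b"constructed-key-a",
    "verifier-b": b"constructed-key-b",
    "verifier-c": b"constructed-key-c",
}

def attest(verifier_id, key, message):
    """Produce one verifier's attestation over a cross-chain message."""
    return verifier_id, hmac.new(key, message, hashlib.sha256).digest()

def valid_attesters(message, attestations, trusted):
    """Return the distinct trusted verifiers whose attestation checks out."""
    ok = set()
    for verifier_id, tag in attestations:
        key = trusted.get(verifier_id)
        if key is None:
            continue  # attestation from a verifier outside the trusted set
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            ok.add(verifier_id)  # a set, so one key never counts twice
    return ok

def accept_mint(message, attestations, trusted, threshold):
    """Accept the mint only if at least `threshold` distinct verifiers attested."""
    if not 1 <= threshold <= len(trusted):
        raise ValueError("threshold must be between 1 and the number of verifiers")
    return len(valid_attesters(message, attestations, trusted)) >= threshold

def demo():
    message = b"mint|token=rsETH|amount=1000|nonce=7"  # constructed message
    # Failure being modelled: a single verifier key signs an unbacked mint.
    one_key = [attest("verifier-a", VERIFIER_KEYS["verifier-a"], message)]
    single = {"verifier-a": VERIFIER_KEYS["verifier-a"]}
    second = [attest("verifier-b", VERIFIER_KEYS["verifier-b"], message)]
    return {
        "1-of-1, one key": accept_mint(message, one_key, single, 1),
        "2-of-3, one key": accept_mint(message, one_key, VERIFIER_KEYS, 2),
        "2-of-3, same key twice": accept_mint(message, one_key * 2, VERIFIER_KEYS, 2),
        "2-of-3, two keys": accept_mint(message, one_key + second, VERIFIER_KEYS, 2),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

Under the quorum policy a single key is not enough to authorize the mint, and submitting the same attestation twice does not help because verifiers are counted by identity.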