News 
Coin Information 
About us 
Customer Service 
A massive $292 million cryptocurrency hack has sent shockwaves through the decentralized finance (DeFi) sector, exposing serious security flaws in cross-chain infrastructure and triggering widespread panic among investors. Coming just weeks after a $285 million breach of Solana-based protocol Drift, this latest incident raises urgent questions about the safety of DeFi's nearly $90 billion ecosystem.
The attack centered on Kelp's rsETH token, a yield-bearing Ethereum derivative, and exploited a critical vulnerability in a LayerZero bridge — technology that allows digital assets to move between different blockchains. Ledger CTO Charles Guillemet explained that the system operated on a dangerous single-signer configuration, meaning only one entity needed to authorize transactions. Attackers apparently exploited this weakness to mint massive quantities of rsETH tokens without any actual assets backing them on the source chain.
Once the unbacked tokens were created, the attacker deposited them into major DeFi lending platforms — primarily Aave, the largest decentralized crypto lender — and borrowed real Ethereum against them. This left Aave and similar protocols holding illiquid collateral while liquid assets were drained. Aave experienced roughly $6 billion in withdrawals following the incident, and its native token dropped approximately 15% within 24 hours. Curve Finance founder Michael Egorov warned the situation could trigger a bank-run scenario as users race to withdraw funds.
Investigators still don't know how the validator was compromised or whether it was hacked, misconfigured, or deceived. The attacker's identity remains unknown, though experts describe the operation as highly sophisticated. The deeper concern is systemic: as DeFi protocols become increasingly interconnected, a single point of failure can cascade rapidly across the entire ecosystem. Guillemet cautioned that 2026 is on track to become the worst year on record for crypto-related hacks, further eroding the trust that decentralized finance has worked hard to build.
Comment 0