Back to Home

Theft of $292M from Kelp DAO: Details of the Bridge Attack

A hacker attack on the Kelp DAO protocol led to a loss of $292M through a vulnerability in the cross-chain bridge. The team paused contracts, preventing further losses. The incident caused a drop in AAVE and a freeze of rsETH markets.

Largest hack of the year: $292M stolen from Kelp DAO
Advertisement 728x90

Largest Heist of the Year: Hacker Drains $292M from Kelp DAO Protocol via Cross-Chain Bridge

A hacker attack on the liquid restaking protocol Kelp DAO resulted in the loss of over 116,000 rsETH tokens, equivalent to approximately $292 million. The incident occurred on the evening of April 20, 2026, and ranks among the largest in DeFi history. The attacker exploited a vulnerability in the OFT standard cross-chain bridge, allowing funds to be drained within minutes. The project team promptly paused contract operations, preventing an additional $100 million in losses.

Attack Mechanism and Scale of Damage

The attacker pre-funded a wallet via the Tornado Cash mixer roughly 10 hours before the attack. At 17:35 UTC, the lzReceive function was triggered in the LayerZero contract, after which the bridge automatically transferred 116,500 rsETH tokens (about 18% of the total supply of 630,000 tokens) to an address controlled by the hacker. The Ethereum and Arbitrum networks bore the brunt of the losses. Attempts to withdraw another 40,000 rsETH ($100 million) were blocked by the emergency stop system activated 46 minutes after the attack.

Team Response and Ecosystem Impact

Kelp DAO developers activated an emergency pause affecting the deposit pool, withdrawal contract, oracle, and the rsETH token itself. Operations were halted on the mainnet and several Layer 2 networks. The incident triggered market panic: the AAVE token dropped 10% amid fears of problematic debt on the lending platform. The Aave team froze rsETH markets in V3 and V4, emphasizing that the vulnerability was specific to rsETH, not their smart contracts.

Google AdInline article slot

Cross-Chain Bridge Vulnerability

The attack once again highlighted security issues with cross-chain bridges, which are frequent hacker targets. The OFT standard bridge used by Kelp DAO enables token transfers across over 20 blockchains, including Base, Arbitrum, Linea, Blast, Mantle, and Scroll. Experts note that the complexity of such systems increases the attack surface, and the use of mixers like Tornado Cash complicates fund tracing.

Key Takeaways

  • The hacker drained $292 million, representing 18% of all rsETH tokens.
  • The attack was made possible by a vulnerability in the OFT standard cross-chain bridge.
  • Kelp DAO prevented an additional $100 million in losses by halting contracts.
  • The incident caused a 10% drop in AAVE's price and the freezing of rsETH markets on Aave.
  • Traces lead to Tornado Cash, complicating attacker identification.

— Editorial Team

Advertisement 728x90

Read Next