DeFi users pull out $10 billion from market as $292 million exploit sparks bank-run optics

Piyasa gündeminde öne çıkan haber: A $292 million exploit at KelpDAO set off a broad retreat across decentralized finance over the weekend, draining roughly $10 billion across the DeFi industry and forcing multiple protocols to freeze markets tied to rsETH. The breach began late Saturday when an attacker drained about 116,500 rsETH from KelpDAO’s cross-chain bridge. The stolen tokens were worth about $292 million at the time, according to data.

KelpDAO issues rsETH to users who deposit ETH into its liquid restaking system. The platform then deploys those ETH through the restaking platform EigenLayer to generate additional yield on top of standard staking returns. KelpDAO’s loss now stands as the largest DeFi exploit of 2026 in the report, surpassing earlier attacks this year.

Piyasa Dinamikleri

Related Reading EigenLayer's native token debut sees high stakes activity from crypto whales The digital asset has a fully diluted valuation of $6. 5 billion, according to CoinMarketCap. Oct 1, 2024 Oluwapelumi Adejumo How KelpDAO was exploited for $292 million rsETH circulates across the broader market via LayerZero , a cross-chain messaging network that moves instructions and assets between blockchains.

Yearn Finance core developer Banteg explained that the exploit hit the route linking Unichain to the Ethereum mainnet. According to the on-chain analyst, the attacker pushed through a fraudulent message that the system accepted as valid, prompting the Ethereum-side adapter to release pre-funded rsETH reserves. This route was configured as a one-of-one decentralized verifier network path without secondary verifiers that could have flagged the transaction.

Banteng stated that the malicious transaction, identified as nonce 308, was verified and delivered at 17:35 UTC. Following the attack, the KelpDAO’s emergency multisignature wallet froze the protocol’s core contracts. This blocked two further attempts that together could have removed another roughly $100 million in rsETH.

Piyasalara Etkisi

The initial stolen funds were moved through Tornado Cash, obscuring the trail before the protocol’s response could contain the damage. Meanwhile, the drained reserve-backed wrapped rsETH circulated across secondary networks, including Base, Arbitrum , Linea, Blast, Mantle, and Scroll. Once those reserves were depleted, users holding rsETH off Ethereum faced rising uncertainty around redemption and backing.

And that pressure quickly fed into the rest of the market. Aave takes the heaviest blow The most severe aftershock hit Aave , the largest crypto lending platform, where the attacker allegedly deposited the stolen rsETH as collateral. During the attack window, Aave’s pricing oracles continued to read rsETH near its normal peg, allowing the protocol to issue 106,467 ETH against the compromised collateral.

That left the platform facing a potential $236 million bad-debt exposure and triggered a rush for the exits. Data from DeFiLlama showed Aave’s total value locked dropped from more than $26 billion to about $20 billion as users withdrew funds. Aave's TVL (Source: DeFiLlama) The drawdown amounted to one of the sharpest pullbacks on the platform in recent memory and turned a bridge exploit into a liquidity event for the largest lending venue in DeFi.

Kripto piyasaları, bu gelişmenin ardından yakından takip ediliyor. Yatırımcılar, söz konusu haberin fiyatlar üzerindeki olası etkilerini değerlendiriyor.