News linked to both this project and an event.
According to on-chain analyst Yujin (@EmberCN), Aave covered $25,000 ETH (approximately $57.75 million) out of its own funds to address bad debt arising from the rsETH incident and spearheaded the “DeFi United” relief initiative. The total bad debt shortfall stands at 75,081 ETH; commitments for loans and donations totaling 69,576 ETH have already been secured, leaving a remaining gap of only 5,505 ETH. Multiple institutions—including LayerZero—have confirmed participation in the relief effort, though specific contribution amounts have not yet been disclosed. The shortfall is expected to be fully covered.
According to on-chain analyst Ai Aunt (@ai_9684xtpa), the address 0xb5E…Fc24e deposited a total of 1.397 million UNI tokens—worth approximately $4.6 million—into three exchanges two hours ago. Notably, the Bybit deposit address has had multiple interactions with the DeFi crypto fund DeFiance Capital, which is an investor in both Aave and LayerZero—two entities closely linked to the recent Kelp DAO hack incident.
According to The Block, JPMorgan analysts noted in their latest report that ongoing DeFi security vulnerabilities and stagnant growth in total value locked (TVL) continue to constrain institutional enthusiasm for the DeFi sector. Recently, Kelp DAO’s cross-chain bridge suffered a major attack, during which the attacker minted $292 million worth of uncollateralized rsETH tokens and borrowed real ETH on Aave, resulting in approximately $230 million in bad debt. This caused DeFi TVL to evaporate by roughly $20 billion within several days. LayerZero and blockchain security researchers have attributed this attack to the North Korean hacker group Lazarus Group; some of the stolen funds have been frozen, while the rest remain in circulation. Analysts also pointed out that DeFi TVL denominated in ETH has remained range-bound for an extended period, raising market concerns about whether DeFi can achieve organic growth sufficient to support institutional adoption. Furthermore, following each security incident, users tend to shift funds into USDT as a safe-haven asset—yet this trend has not yet significantly driven USDT’s market capitalization growth.
According to on-chain analyst Ember (@EmberCN), the rsETH incident on April 18 resulted in a funding shortfall of approximately 68,900 ETH (around $160 million): the hacker collateralized rsETH to borrow 99,600 ETH; after Arbitrum recovered 30,700 ETH, the remaining funds were fully converted by the hacker into BTC. The incident has now entered the remediation phase. Aave is coordinating the establishment of a “DeFi United” relief fund, which has so far received cumulative donations totaling 13,500 ETH (approximately $31.45 million). Donors include Lido Finance (2,500 stETH), ether.fi Foundation (5,000 ETH), Aave founder Stani Kulechov (5,000 ETH), Golem Foundation (1,000 ETH), as well as LayerZero and Ink Foundation (amounts undisclosed).
According to on-chain analyst PeckShield (@PeckShieldAlert), the KelpDAO attacker has transferred ETH from Ethereum to Arbitrum via the Across Protocol, swapped it for USDT, and then routed the funds to TRON DAO via LayerZero.
According to on-chain analyst Yu Jin (@EmberCN), a strategic partner wallet of LayerZero distributed unlocked $ZRO tokens to 52 addresses half an hour ago, transferring a total of 1.21 million $ZRO (approximately $1.97 million). The largest single transfer—855,000 $ZRO (approximately $1.42 million)—has already been sent to Binance.
According to on-chain analyst Yujin (@EmberCN), ZRO—the native token of LayerZero, the cross-chain bridge exploited by hackers in today’s rsETH vulnerability incident—fell 18% on the day, dropping from $1.90 to $1.50. Twenty minutes ago, a Polymarket user with the address “greenrooibos” deposited 978,000 ZRO tokens to Binance, valued at approximately $1.57 million. These ZRO tokens were withdrawn from Binance two weeks ago, when they were worth roughly $2.04 million; this deposit thus corresponds to a loss of approximately $470,000.
According to on-chain analyst Onchain Lens (@OnchainLens), Kelp DAO lost approximately $294 million in the cross-chain bridge exploit. As a result, $ZRO dropped from $2 to $1.40. A whale holding a long $ZRO position on HyperLiquid was partially liquidated, incurring a loss of $2.88 million. The whale still holds the position, with an unrealized loss exceeding $750,000 and a total loss of approximately $28.98 million.
Kamino, a liquidity protocol in the Solana ecosystem, announced on X that neither the platform nor its users have been affected by the current Ethereum rsETH incident. However, as a precautionary measure, Kamino has suspended all interactions with LayerZero-related tokens in its core markets (USDS, LBTC, FBTC). Related reserve assets have been placed into “reduce-only mode,” meaning users can still withdraw funds and repay debts, but deposits and borrowing functions are temporarily disabled. Kamino added that it is in active communication with the LayerZero team and will notify users immediately once the relevant reserves resume normal operations. These measures are purely proactive risk controls; platform and user funds remain unaffected.
According to CoinDesk, Kelp DAO’s LayerZero-based cross-chain bridge was attacked, with the attacker withdrawing 116,500 rsETH—worth approximately $292 million at current prices, or roughly 18% of its circulating supply. This incident has become the largest DeFi attack of 2026 to date. In response, Aave, SparkLend, and Fluid have frozen rsETH-related markets, and Lido Finance has suspended new deposits into its earnETH product. Kelp DAO stated it is jointly investigating the incident with LayerZero, auditing firms, and external security experts.