Blockchain security experts have identified a significant exploit affecting Kelp DAO, with approximately $293.7 million in assets drained. The incident, involving the protocol's rsETH adapter, was first reported by ZachXBT on Telegram. The exploit occurred around 2:50 PM in New York, raising alarms within the decentralized finance (DeFi) community.
Kelp DAO announced via X that it has paused all rsETH contracts to investigate suspicious cross-chain activities. Meanwhile, Aave, the largest DeFi project, confirmed that it has frozen rsETH markets on its lending protocols, Aave v3 and Aave v4, clarifying that their contracts were not compromised. Stani Kulechov, Aave's founder, emphasized that rsETH does not have any borrowing power.
In the wake of the hack, the price of Aave’s AAVE token experienced a decline of 10% over the past day, while other major DeFi tokens like stETH and wstETH fell by nearly 4%. This incident adds to a worrying trend of attacks on DeFi protocols, following earlier hacks that affected platforms like Drift Protocol and Balancer.