- $290 million exploit triggers panic across Ethereum and Arbitrum markets
- Aave token drops 18 percent as DeFi lending risks intensify
- Attacker leverages stolen funds to control over 106000 ETH holdings
A large exploit has shaken activity across Ethereum and Arbitrum, drawing immediate attention from market participants as concerns spread through decentralized finance systems. Attackers drained over $290 million from the Kelp DAO ecosystem, forcing lending protocols to activate emergency measures to contain the impact. The breach centered on the rsETH cross-chain bridge, which connects liquidity across multiple platforms and supports collateralized lending activities. Consequently, the incident raised concerns about systemic exposure, as interconnected protocols faced the risk of cascading effects from compromised assets.
Market reaction intensified as Aave’s token dropped nearly 18% during the disruption, reflecting a rapid shift in sentiment among investors responding to rising uncertainty. Besides, the decline highlighted growing caution around assets tied to the exploit, as traders adjusted positions to manage risk.
According to on-chain forensic analysis, the vulnerability did not originate from LayerZero infrastructure, which initially drew attention due to its role in cross-chain communication. Instead, researchers identified a peer trust issue linked to compromised keys on the source chain, which allowed unauthorized access. The attacker gained control of a legitimate Kelp DAO peer contract, enabling direct interaction with bridge operations and facilitating the movement of funds without early detection. Additionally, blockchain data shows that initial transactions were funded through Tornado Cash, which helped obscure activity before execution.
Also Read: ASTEROID SHIBA (ASHIBA) Price Prediction 2026–2030: Can ASHIBA Hit $0.0005 Soon?
Leveraged strategy increases pressure across lending platforms
After securing the assets, the attacker avoided immediate liquidation and adopted a structured strategy designed to extend control over the funds. They deposited rsETH into lending platforms and borrowed Wrapped Ethereum against that collateral, which expanded their exposure. This approach allowed the exploiter to extract liquidity while maintaining control of the underlying assets, creating additional pressure on protocols managing uncertain collateral values. Consequently, analysts estimate the attacker now holds over 106,000 ETH, valued at nearly $250 million.
Such positioning increased stress across multiple platforms, as risk spread through interconnected systems that rely on shared liquidity. Moreover, the use of borrowed funds complicated containment efforts, since exposure extended beyond a single protocol. Aave responded by freezing all rsETH markets across its V3 and V4 deployments, removing borrowing functionality to limit further damage and stabilize the system.
Aave founder Stani Kulechov stated that core smart contracts remained secure, although the incident highlighted risks linked to external integrations and cross-chain dependencies. The exploit shows how quickly risk can spread across DeFi platforms when vulnerabilities emerge within shared infrastructure, despite rapid containment efforts.
Also Read: Monero Turns 12 as Privacy Demand Surges Despite 73 Exchange Delistings
