Kelp DAO is a project built on the Ethereum network, offering exposure of $293 million, making it the largest breach on Ethereum in 2026.

It looks like artificial intelligence makes it easier for hackers.

This isn’t the only attack this month:

First: Kelp DAO — the attacker exploited the LayerZero bridge to withdraw 116,500 rsETH (, about $293 million ), then used it as collateral on Aave to borrow Ethereum, leaving the Aave platform with no debts as the AAVE token’s value dropped.

Second: Drift Protocol — $285 million was stolen by hackers from North Korea using AI-powered social engineering, where they spent months building trust with insiders before carrying out the attack in just 12 minutes.

Third: Rhea Finance — a $18 million theft through fake token pools that tricked the protocol’s oracle into approving withdrawals.

Fourth: Grinex — a $15 million theft, and the sanctioned Russian platform suspended all operations, blaming “Western intelligence.”

Fifth: Hyperbridge — the attacker minted 1 billion DOT via the bridge with a nominal value exceeding $1 billion, but managed to extract only $237,000 due to low liquidity.

Sixth: BSC TMM pool — $1.67 million withdrawn through reserve manipulation.

Seventh: Aethir — a loss of $423,000 due to a flaw in access control on their GPU units network.

Eighth: Dango — a $410,000 theft through a smart contract bug within the bridge aggregator.

Ninth: Silo Finance — a loss of $392,000 due to an incorrect oracle setup.

Tenth: CoW Swap — front-end breach via a DNS attack, redirecting the site to a phishing page.

Eleventh: Zerion — subjected to a social engineering attack from North Korea, with login data stolen.

The attack surface is expanding faster than defense tools... and this situation is likely to get worse.

$ETH $SOL $BTC