#Gate广场五月交易分享

The DeFi attack losses in April exceeded $600 million. Why do hackers frequently "eat meat"?

In April, security incidents in DeFi have been confirmed to cause approximately $651 million in losses, setting the highest monthly record since March 2022. Kelp DAO lost about $292 million, Drift Protocol lost about $280 million, with over 20 vulnerability attacks in a single month. Why are security incidents so concentrated? Is it due to hackers' technological upgrades or are there other reasons? Let's listen to Xiao Caishen talk about it.

‌Core reasons for frequent attacks‌

‌1. Systemic flaws in cross-chain bridges are being exposed‌

The Kelp DAO incident (loss of $292 million) originated from‌ a vulnerability in single validation node configuration‌: attackers isolated RPC nodes and forged cross-chain messages, inducing the system to generate uncollateralized rsETH tokens.

Cross-chain bridges generally have‌ design shortcomings‌: including over-reliance on centralized validation nodes, lack of bidirectional state verification mechanisms, and funds pools not isolated for risk control, enabling hackers to bypass security mechanisms without cracking cryptography.

‌

2. DeFi composability amplifies risk transmission‌

The fake rsETH generated by Kelp DAO was deposited into lending protocols like Aave, triggering‌ chain reactions of bad debt‌ (Aave's potential bad debt reaching $196 million), exposing the lack of risk circuit breakers between nested protocols.

High protocol coupling causes single points of failure to quickly evolve into systemic crises, such as the $6 billion fund panic withdrawal triggered after the Drift Protocol attack.

‌

3. Security practices lag behind technological iteration‌

Developers‌ overly pursue efficiency and speed of integration‌, neglecting basic security configurations (e.g., Kelp DAO was accused of ignoring multiple security warnings from LayerZero).

Audit focus remains on smart contract code, with insufficient attention to infrastructure-level risks such as cross-chain communication layers and oracle dependencies.

‌

4. Upgrading attack techniques and organizational trends‌

State-level hacker groups like Lazarus Group are involved, employing‌ multi-stage engineered attacks‌ (e.g., money laundering through Tornado Cash, forging cross-chain messages).

AI-driven vulnerability discovery and social engineering infiltration (such as a 6-month covert operation against Drift Protocol) enhance attack efficiency.



Impact on the crypto space

1.‌ Market trust is severely undermined‌

Leading protocols' TVL plummets: Aave's locked assets decreased by 32% in one day (from $18 billion to $16.4 billion), and token prices dropped 18% in 24 hours.

User risk-avoidance sentiment surges, with funds rapidly withdrawing from high-risk DeFi protocols, shifting to centralized exchanges or native assets on underlying blockchains.

‌

2. Regulatory intervention is imminent‌

The incidents reveal industry self-discipline failure (e.g., Kelp DAO and LayerZero passing the buck), which will‌ push global regulators to strengthen security standards‌.

Key regulatory directions may include: mandatory multi-node verification for cross-chain bridges, risk isolation requirements for DeFi protocols, and compliance tracking of hacker funds.

‌

3. Accelerated reconstruction of technical architecture‌

Cross-chain security paradigm upgrade‌: shifting from single audits to continuous monitoring + formal verification, adopting multi-signature delayed transactions, and fund segregation management.

‌Risk hedging mechanisms‌: demand for DeFi insurance protocols surges, with real-time collateral quality assessment and circuit breaker mechanisms becoming development priorities.

‌

4. Industry competition landscape diversifies‌

Established protocols gain user re-engagement due to security redundancies, while new projects face higher entry barriers.

Market concentration in cross-chain bridges increases, with protocols that have decentralized verification layers and a track record of security (such as some Layer 1 native bridges) dominating the market.