JPMorgan Report: Frequent DeFi Hacker Attacks Compress Institutional Interest! Why Has USDT Become a Beneficiary?

JPMorgan’s latest report indicates that due to frequent security vulnerabilities and stagnation in total value locked (TVL), DeFi’s appeal to institutional investors continues to weaken.

According to a report by CoinDesk on 4/23, JPMorgan’s latest research report on the crypto industry states that ongoing security flaws and stagnant TVL are jointly compressing DeFi’s attractiveness to institutional investors, pushing some investment funds toward Tether’s issued USDT stablecoin. The report was authored by JPMorgan’s analyst team, continuing the bank’s conservative stance in recent years regarding the pace of DeFi institutional adoption.

Key Points of the Report

JPMorgan’s analyst team maintains a conservative position on DeFi and tokenization progress since last year, citing recent frequent cross-chain bridge and protocol layer attacks as one of the main factors hindering institutional investment in DeFi. According to CoinDesk’s summary of the report, the market behavior shows: institutions and some retail participants are withdrawing funds from DeFi protocols and transferring them into highly liquid assets issued by verified enforcement capabilities, such as Tether USDT.

Recent DeFi Attacks Align with This Narrative

A week before the report’s release, the DeFi ecosystem experienced two major incidents, which are typical examples of the “persistent vulnerabilities” mentioned by JPMorgan:

• Kelp DAO hacked for $292 million: LayerZero cross-chain bridge was spoofed, marking the largest DeFi incident in April 2026.
• Rhea Finance Oracle attack: Loss of $18.4 million, with Tether coordinating to freeze $4.34 million USDT immediately.

Both incidents reveal the DeFi protocol layer’s over-reliance on oracles and cross-chain bridges—an unquantifiable risk long highlighted by institutional risk control teams.

Why USDT Became a Beneficiary

While DeFi protocol risk incidents are frequent, Tether’s USDT has gained trust through its on-chain enforcement capabilities and differentiated itself. Recently, Tether demonstrated its coordination infrastructure with OFAC during a $344 million freeze operation in collaboration with U.S. law enforcement. This controllable centralized feature precisely meets the core compliance needs of institutional departments for “traceability and recoverability.”

Signals for DeFi Participants

For DeFi protocols, JPMorgan’s report indirectly points out two structural challenges: first, the long-term security record of protocols cannot be solely repaired through insurance and governance mechanisms; second, even as permissioned pools and KYC vaults are gradually introduced, traditional institutions still prefer to handle large funds using centralized stablecoins and custodians. For users, this means DeFi liquidity may struggle to return to the TVL highs of 2021 in the short term, and stablecoin supply will continue to be concentrated among a few centralized issuers.

• This article is reprinted with permission from: Chain News
• Original title: JPMorgan: Frequent DeFi Hacks and TVL Stagnation Compress Institutional Interest, Funds Shift to USDT
• Original author: Elponcrab