Kirill Varlamov
486 posts
@ongridpro
CTO and systems architect at @DefinmeAG. Pushing the boundaries of possibility with transformative solutions in DAOs, DeFi and Web3.
DeFi's April hack count keeps rising: 15+ exploits, ~$1B+ gone, and AI is the quiet suspect behind most of them This is the first month where AI-priced offense visibly outran DeFi defense, and the research showing why isn't speculation - it's measured and replicable 🧵 /1
DeFi's April hack count keeps rising: 15+ exploits, ~$1B+ gone, and AI is the quiet suspect behind most of them This is the first month where AI-priced offense visibly outran DeFi defense, and the research showing why isn't speculation - it's measured and replicable 🧵 /1
Kelp DAO appears to have been exploited for $293 MILLION in the last hour, making it the biggest DeFi hack of 2026. And it's far from being the only one this month. Over $600M stolen from DeFi in the last 2 weeks across over 10 different protocols, and AI is only making it easier for hackers. > Kelp DAO: attacker exploited the LayerZero bridge to drain 116,500 rsETH ($293M), then used it as collateral on Aave to borrow ETH, leaving Aave with bad debt as $AAVE dumps. > Drift Protocol: $285M drained by North Korean hackers using AI powered social engineering, they spent months building trust with insiders before executing in 12 minutes. > Rhea Finance: $18M stolen through fake token pools that tricked the protocol's oracle into approving withdrawals. > Grinex: $15M stolen, sanctioned Russian exchange suspended all operations and blamed "Western intelligence". > Hyperbridge: attacker minted 1 billion fake bridged DOT with a notional value over $1B, but only extracted about $237K because liquidity was thin. > BSC TMM pool: $1.67M drained through reserve manipulation. > Aethir: $423K lost in an access control exploit on their GPU network. > Dango: $410K stolen through a smart contract bug in their bridge aggregator. > Silo Finance: $392K gone from a misconfigured oracle. > CoW Swap: frontend hijacked through DNS attack, site redirected to a phishing page. > Zerion: hit by North Korean social engineering, credentials stolen. The attack surface is expanding faster than the defenses. This is only going to get worse.
DeFi's April hack count keeps rising: 15+ exploits, ~$1B+ gone, and AI is the quiet suspect behind most of them This is the first month where AI-priced offense visibly outran DeFi defense, and the research showing why isn't speculation - it's measured and replicable 🧵 /1
🔓 5 years of DeFi/crypto exploits, 2020–2026 YTD: where the money actually leaks. 📉 Protocol-logic exploits collapsed: 37% (2021) → ~5% (2024). Audits, formal verification, fuzz harnesses, immutable bug bounties — they actually work. 📈 But total losses didn't fall — keys / infra / CEX / UI supply-chain became 80–95% of the pie: • Bybit $1.5B (Safe{Wallet} supply chain, Lazarus, Feb 2025) • Kelp DAO via LayerZero $292M (RPC compromise + DDoS failover, Apr 2026) • DMM Bitcoin $305M (private key, May 2024) • WazirX $235M (multisig, Jul 2024) • Mixin $200M (cloud DB breach, Sep 2023) ⚖️ 2025 partial recovery to 20% logic: Cetus (Sui) $223M, Balancer V2 $128.6M precision heist, GMX V1 $42M. The weakest link moved from code → humans, cloud, endpoints. Sources: Chainalysis, SlowMist, Halborn, Immunefi, DefiLlama, REKT DB. #DeFi #CryptoSecurity
Справедливость восторжествовала
