Après les 16,5 milliards de dollars d'exploits, DeFi est désormais contraint d'adopter les contrôles auxquels il résistait autrefois
Burns Brief
La crise du rsETH a généré 200 millions de dollars de créances irrécouvrables dans les livres d'Aave, bien qu'aucune ligne de ses contrats ne se comporte mal. La nouvelle a secoué les acteurs du marché, les baissiers cherchant à faire baisser les prix tandis que les haussiers tentent de défendre les niveaux de support clés. Surveillez $ETH $AAVE $NEAR pour connaître votre réaction : un mouvement décisif au-dessus ou en dessous des niveaux clés confirmera la prochaine tendance.
The rsETH crisis resulted in $200 million in bad debt on Aave's books, despite not a single line of its contracts misbehaving. On Apr. 18, attackers that Chainalysis preliminarily linked to Lazarus compromised RPC infrastructure, forced a failover to poisoned nodes via DDoS, and injected false data into a 1-of-1 DVN configuration on KelpDAO's rsETH bridge. The forged message released approximately 116,500 rsETH, and Aave's incident report confirmed that Ethereum accepted nonce 308 while the Unichain source endpoint never advanced past 307. The attacker supplied the compromised rsETH to Aave and borrowed against it, resulting in bad debt and serving as a frame for the current state of DeFi's security. Exploiters extracted over $635 million across 28 incidents in April, the worst monthly total in over a year. DefiLlama puts the cumulative historical cost of hacks at $16.5 billion, with $7.7 billion specifically targeting DeFi. The high-profile exploits on Drift and the KelpDAO bridge resulted in DeFi losing nearly $11 bilion in total value locked last month. That contraction occurred as stablecoin rails, tokenized treasuries, and regulated settlement layers gained institutional traction in the same capital markets. DeFi exploiters extracted $635 million across 28 incidents in April, the sector's worst monthly loss in over a year, while cumulative historical hacks reached $16.5 billion. How did DeFi end up here? Mitchell Amador, CEO of Immunefi, told CryptoSlate that DeFi has historically rewarded growth, integrations, liquidity, and speed over security maturity. A protocol that adds a new asset, bridge, oracle, adapter, or external dependency gains immediate utility. The risk that integration carries produces no visible price signal until an exploit materializes, because the absence of an incident is invisible while it holds. That asymmetry kept audit cycles and isolation practices secondary to shipping velocity for years, until April concentrated the consequences int
Key Takeaways
- The rsETH crisis resulted in $200 million in bad debt on Aave's books, despite not a single line of its contracts misbehaving
- The forged message released approximately 116,500 rsETH, and Aave's incident report confirmed that Ethereum accepted nonce 308 while the Unichain source endpoint never advanced past 307
- The attacker supplied the compromised rsETH to Aave and borrowed against it, resulting in bad debt and serving as a frame for the current state of DeFi's security
- Exploiters extracted over $635 million across 28 incidents in April, the worst monthly total in over a year
- DefiLlama puts the cumulative historical cost of hacks at $16