Aave Loses $8B TVL After $293M Kelp DAO Hack
Aave's TVL plunged nearly $8B after a $293M Kelp DAO bridge exploit allowed hackers to use stolen rsETH as collateral, creating $195M bad debt. The protocol's stablecoin pools hit 100% utilization, freezing withdrawals, while the AAVE token dropped 20% as whales withdrew over $800M.
Quick Take
Hackers used stolen Kelp DAO rsETH as collateral to borrow on Aave, creating $195M bad debt.
Aave's TVL fell from $26.4B to $18.6B, with USDT and USDC pools at 100% utilization.
AAVE token dropped nearly 20% as whales withdrew over $800M from the protocol.
Market Impact Analysis
BearishThe exploit created $195M in bad debt, triggered massive withdrawals and frozen stablecoin pools, causing a sharp drop in AAVE price and DeFi TVL, with potential for further liquidity crisis.
Speculation Analysis
Key Takeaways
- Hackers used stolen Kelp DAO rsETH tokens as collateral on Aave, creating $195 million in bad debt that triggered massive withdrawals.
- Aave's total value locked fell nearly $8 billion, with stablecoin pools reaching 100% utilization, freezing further withdrawals.
- The AAVE token price dropped almost 20% in 24 hours as whales fled, while multiple protocols paused bridge integrations.
What Happened
A $293 million exploit of Kelp DAO's LayerZero bridge over the weekend sent shockwaves through DeFi, with Aave at the center of the fallout. Hackers stole 116,500 rsETH tokens and immediately used them as collateral on Aave v3 to borrow Wrapped ETH. This created $195 million in bad debt on the lending protocol, sparking a wave of withdrawals that wiped out nearly $8 billion in total value locked within 24 hours.
Aave responded by freezing rsETH markets on both v3 and v4 on Ethereum mainnet, and also froze WETH reserves across Arbitrum, Base, Mantle, and Linea. Several other protocols, including Curve Finance and Ethena, paused their rsETH bridge integrations to contain risk.
The Numbers
Aave's TVL plummeted from $26.4 billion to $18.6 billion, according to DeFiLlama data. Stablecoin pools felt the brunt: the USDT pool reached 100% utilization with only $2,540 available for withdrawal from $2.87 billion total deposited, and the USDC pool was similarly drained. Over $5.1 billion in stablecoins is now locked until fresh deposits arrive or loans are repaid.
The AAVE token cratered nearly 20%, falling from $112 to $89.5 in about 25 hours. Lookonchain identified large outflows: MEXC withdrew $431 million and Abraxas Capital pulled $392 million from Aave, accelerating the liquidity crisis.
Why It Happened
The Kelp DAO bridge hack exposed the systemic fragility of interconnected DeFi protocols. Even though Aave uses overcollateralized loans, the stolen rsETH appeared legitimate, enabling the attackers to borrow funds instantly. Once the bad debt was discovered, fear of contagion prompted a bank-run-like scramble for exits, overwhelming Aave's liquidity buffers.
The incident also highlighted bridge risk. Kelp DAO's LayerZero-powered bridge was exploited, and the stolen tokens moved across chains before being used on Aave. This chain-of-events shows how a single bridge compromise can cascade into lending protocol insolvency risks.
Broader Impact
This is the first major test of Aave's Umbrella security model, introduced in June 2025 to protect against bad debt. Aave's ability to handle this event without further bailouts will set a precedent for DeFi risk management. Other protocols have paused rsETH or bridge integrations, signaling that the fallout may extend beyond Aave if trust in restaked ETH or LayerZero bridges erodes.
What to Watch Next
- Aave's stablecoin pool utilization rates — any drop below 100% would indicate returning liquidity and easing pressure.
- Whether the attacker can convert the bad debt into realized losses through protocol liquidations or further borrowing.
- AAVE token performance; a sustained break above $100 could signal market confidence that the worst is over.
This article is for informational purposes only and does not constitute financial advice.
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.
