KelpDAO hack highlights DeFi’s shift from coding flaws to operational risks
The KelpDAO hack has exposed a significant shift in the DeFi landscape, moving from concerns about coding flaws to operational risks. This $293 million exploit was executed through a compromised centralized verification process rather than a vulnerability in smart contract code. The incident highlights the need for DeFi protocols to reassess their security measures beyond just code audits.
- ▪Attackers stole 116,500 rsETH, valued at approximately $290 to $293 million.
- ▪The exploit was the largest DeFi hack of 2026 and did not involve a flaw in on-chain code.
- ▪The attackers used RPC poisoning to manipulate KelpDAO's internal nodes, leading to the unauthorized release of funds.
Opening excerpt (first ~120 words) tap to expand
<img src="https://static.cryptobriefing.com/wp-content/uploads/2026/05/16093031/kelp-dao-review-2026-fees-pros-cons-safety-1-800x420.jpeg" alt="KelpDAO hack highlights DeFi’s shift from coding flaws to operational risks" class="w-full aspect-[19/10] object-cover" /> KelpDAO hack highlights DeFi’s shift from coding flaws to operational risks The $293 million exploit didn't target a single line of smart contract code, and that's exactly why it matters. Share Add us on Google by Editorial Team May. 16, 2026 DeFi has spent years obsessing over smart contract audits. The KelpDAO exploit on April 18 suggests the industry has been studying for the wrong exam.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Crypto Briefing.
Discussion
0 commentsMore from Crypto Briefing
