•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Aave has suffered a major liquidity shock after hackers exploited stolen Kelp DAO funds as collateral on Aave v3, triggering an estimated $195 million in bad debt, freezing $5.1 billion in stablecoins, and contributing to an $8 billion drop in total value locked (TVL) over the weekend. The AAVE token fell about 20% from $112 to $89.50 in roughly 25 hours.
According to Lookonchain, the Kelp DAO attack on Saturday—targeting its LayerZero bridge—netted hackers 116,500 rsETH tokens. Instead of immediately selling, the attackers posted the stolen rsETH as collateral on Aave v3 and borrowed wrapped Ether against it.
This collateralization reportedly resulted in approximately $195 million of “bad debt” on Aave. Because the rsETH collateral is tied to the exploit, it is described as effectively unrecoverable for repayment purposes.
The situation led to a rapid withdrawal dynamic across Aave. DeFiLlama data shows Aave’s TVL fell from $26.4 billion to $18.6 billion by Sunday. Large withdrawals occurred early, including $431 million pulled by MEXC and $392 million withdrawn by Abraxas Capital.
More than $5.1 billion in USDT and USDC is reported to be frozen in Aave v3 lending pools, which are operating at 100% utilization. Depositors cannot withdraw until new liquidity arrives or borrowers repay.
In the USDT pool, the reported figures show $2.87 billion deposited, with only $2,540 available for withdrawal at one point—leaving liquidity effectively unavailable despite the large total deposits.
Aave froze rsETH markets on both v3 and v4 versions. WETH reserves were also locked across multiple networks, including Ethereum, Arbitrum, Base, Mantle, and Linea. The protocol stated that rsETH on Ethereum mainnet remains fully backed by underlying assets, though access is constrained for users who cannot withdraw stablecoins.
The disruption has extended beyond Aave. Curve Finance, Ethena, and BitGo’s WBTC integration with LayerZero bridges reportedly paused until the situation is resolved.
The episode is described as the first major stress test of Aave’s “Umbrella” security model, introduced in June 2025 to automate protections against bad debt. The timing is also notable because Aave reportedly parted ways with risk manager Chaos Labs two weeks earlier over disagreements about v4 direction and budget.
A Bank of Canada study earlier this month had praised Aave v3 for avoiding bad debt through overcollateralization and automated liquidations, but the current incident highlights how quickly liquidity and collateral assumptions can be challenged under exploit conditions.
The immediate question is when stablecoin pools will unlock. The reported outcome depends on whether new deposits arrive or whether existing borrowers repay, neither of which appears imminent given current sentiment.
Aave v4 launched at EthCC with a new “hub-and-spoke” architecture for real-world assets. The article notes uncertainty about whether the expansion schedule will continue while the protocol manages the crisis.
Image source: Shutterstock
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
