DeFi security breaches prompt $100 billion in weekend fund withdrawals

MarsBit
Summary
DeFi security breaches surged over the weekend, with a $292 million rsETH theft at KelpDAO triggering $100 billion in fund withdrawals. This DeFi exploit follows recent attacks on Drift Protocol and Venus. Users are relocating assets to safer options such as stablecoins and tokenized U.S. treasuries. Market confidence remains weakened as risk aversion continues to rise.

Written by: Liam 'Akiba' Wright

Compiled by Saoirse, Foresight News

The theft of $292 million worth of rsETH from KelpDAO occurred at an extremely inopportune time for the DeFi industry. Prior to this, market confidence had already been severely shaken by the security vulnerability exploited on Drift Protocol on April 1 and the collapse of the Venus lending protocol in March. Following this incident, approximately $10 billion in funds exited the DeFi sector over the entire weekend.

The compounding of multiple crises has made the challenges facing DeFi increasingly impossible to ignore. Although the open-source decentralized finance system still exists, it is gradually losing its core position as the default on-chain financial entry point. Stablecoins, tokenized government bonds, and compliant settlement channels are expanding rapidly, while permissionless native protocols continue to face a market trust discount.

A list of 2026 theft incidents circulating on social platform X vividly reflects the current pessimism within the industry.

Figure: 2026 Hacker Rankings (Source: Our Crypto Talk)

Some security incidents have been fully reviewed, while other risks continue to escalate, and many events have blurred the lines between protocol vulnerabilities, cross-chain bridge failures, and user asset theft. This article primarily analyzes the confirmed security incidents of 2026 and the shifts in industry dynamics they have exposed.

The current state of the industry is vastly different from the peak of the 2020 DeFi Summer and the 2021 bull market; those glorious days now exist only in memory. Back then, DeFi told the market a narrative of open, efficient, and composable finance; by 2026, these qualities still exist, but they no longer carry the same aura and market belief.

Every major theft incident increases the trust cost for users participating in DeFi. Meanwhile, the fastest-growing and most secure segment of on-chain finance is gradually shifting toward payment networks, tokenized government bonds, and compliant token products—not the complex native DeFi token ecosystems.

The real test for the industry today is whether open-source DeFi can quickly rebuild market trust and maintain its position as the primary on-chain entry point. Currently, the entire sector is not heading toward obsolescence, but rather facing increased pressure and reduced space.

The security risks of DeFi have long gone beyond smart contract vulnerabilities.

After a major hacking attack, the most common misconception is attributing all incidents to smart contract code vulnerabilities. The Drift protocol’s loss of approximately $285 million precisely demonstrates that this perception is outdated.

Chainalysis, an on-chain data analytics firm, revealed that this attack stemmed from privilege abuse, vulnerabilities in admin pre-signing operations, and fraudulent collateral assets, not merely code flaws. The market has thus recognized that many of today’s DeFi risks lie in governance permissions, signing mechanisms, and operational architecture.

This fundamental shift has changed the underlying entities users must trust. Code audits and market-tested contracts remain important, but they can no longer cover the entire risk chain: signature nodes, cross-chain bridges, oracles, and market parameter configurations all pose potential vulnerabilities. As protocols span multiple blockchains, governance committees, liquidity platforms, and collateralized derivatives, the attack surface expands far faster than the decentralized narrative can evolve.

The post-mortem of the Venus protocol also revealed similar issues, albeit with different risk manifestations. The attacker exploited inflated asset valuations to collateralize loans and extracted approximately $14.9 million in assets, leaving the protocol with over $2 million in bad debt. Although the root cause differed from Drift, the conclusion remains the same: even leading DeFi lending platforms remain vulnerable to asset crises under conditions of low liquidity and unusual structural edge cases.

Immediately following this was the sudden collapse of KelpDAO. According to CryptoSlate, the vulnerability directly triggered a $10 billion withdrawal from the entire DeFi market, forcing all rsETH-related markets to be frozen. Even though market sentiment later eased and withdrawal figures were subsequently revised, the signal was unmistakable: when faced with cross-chain complexity, collateral uncertainty, and systemic contagion risk, users’ first response is to withdraw their funds.

This trend aligns with TRM Labs' 2026 Security Report, which found that the vast majority of losses from theft in the industry in 2025 came from infrastructure attacks, surpassing those caused by smart contract vulnerabilities alone.

The trust crisis in DeFi is becoming increasingly difficult to contain, as the industry must now defend not just the code itself, but the entire complex system built upon it.

On-chain finance is still growing, but funds are flowing toward safer products.

The overall market capitalization does not support the claim of a "complete DeFi collapse." According to CryptoSlate data from April:

  • The market capitalization of USDT has reached $185 billion, and the market capitalization of USDC has reached $78 billion;
  • The total supply of stablecoins on the Tron chain is $86.958 billion, and on the Solana chain, it is $15.726 billion.

The Ethereum chain still holds the core liquidity of native DeFi, with the market showing more of a concentrated migration of funds rather than a full-scale exit.

Funds in the low-volatility wealth management sector have shown more pronounced shifts. As of March 12, 2026, the total value of tokenized U.S. Treasuries has reached $10.9 billion, with over 55,000 holders.

Users continue to use blockchain for settlement and asset ownership verification, but are no longer willing to commit their assets to complex, high-risk native DeFi projects.

Market differentiation is very clear:

Signs of Trust Under Pressure and Capital Outflows:

  • $292 million stolen from KelpDAO triggers approximately $10 billion in withdrawals across the industry;
  • Drift's locked volume halved due to a permission vulnerability;
  • Venus exposes lending risks due to low liquidity and frequent bad debts.

Positive signals of on-chain growth:

  • The combined market capitalization of USDT and USDC is approximately $263 billion;
  • The tokenized U.S. Treasury market has reached $10.93 billion, with over 55,000 holders;
  • Visa continues to advance USDC settlement, building an institutional-grade stablecoin ecosystem.

Capital is clearly flowing toward products with clear logic, adequate collateral, and suitability for institutional entry.

Key highlights from Visa’s 2026 Stablecoin Strategy Report: Its data shows that the total supply of stablecoins increased by over 50% in 2025, rising from $186 billion at the beginning of the year to $274 billion by year-end; it also identifies 2026 as the year institutions will formally enter the stablecoin space, signaling that the stablecoin sector is moving toward mainstream adoption and regulation.

The same applies at the settlement level. Visa has disclosed that its monthly USDC settlement volume has surpassed $3.5 billion on an annualized basis.

The digital asset itself represents a small portion of the stablecoin market, but its industry significance is profound: compliant traditional financial infrastructure is now connecting directly to on-chain networks, no longer requiring reliance on the full ecosystem narrative of native DeFi.

The core of industry competition: Who will control the future on-chain infrastructure?

CryptoSlate previously analyzed that compliant institutions are competing for an on-chain asset pool exceeding $330 billion, which includes approximately $317 billion in stablecoins and nearly $13 billion in tokenized treasuries.

These funds continue to prioritize the advantages of high speed, programmability, and 24/7 settlement, with market attention focused on leading assets and foundational settlement networks rather than various niche governance experiments.

The difference is especially evident compared to the 2021 bull market cycle.

In past cycles, DeFi encompassed both the underlying infrastructure and end products: the origin of innovation, the source of high yields, and the model for future finance were all concentrated here. By 2026, the future of on-chain finance is being stripped of the inherent risks of native DeFi and repackaged.

Tokenized funds enable round-the-clock settlement and rapid clearing, with stablecoins handling payments and treasury operations; institutions enjoy the benefits of blockchain while maintaining strict control over compliance, counterparty risk, and market structure.

CryptoSlate’s project shutdown report shows that over 80 crypto projects have officially ceased operations or entered liquidation in Q1 2026. Although not limited to DeFi, this is enough to indicate that capital has run out of patience for projects that fail to generate long-term value, stable returns, or real-world applications.

Crypto spot ETFs are also part of this broader trend. Compliant products continue to attract market capital and attention, as users and institutions increasingly prefer infrastructure that offers the benefits of blockchain without the high trust risks associated with native DeFi.

This also allows native DeFi to maintain its unique positioning, albeit in a more constrained space: open composability and permissionless innovation remain valuable, serving as a laboratory for financial primitive innovation—where DeFi leads the way in exploring and experimenting with new models before they are adopted and mainstreamed by compliant products.

The core industry challenge remains trust compression.

Native open-source DeFi is losing its narrative dominance; if it fails to quickly rebuild trust, optimize its operational architecture, and prove the irreplaceability of its complex design, it will gradually lose its position as the front-end entry point for on-chain finance.

The core competition in the industry has become clear: who will absorb the next wave of on-chain demand? Currently, safer and more compliant on-chain wrapped products are gaining the upper hand.
