The $292 million Kelp DAO exploit highlights a surge in DeFi hacks in 2026, as security experts point to social engineering and cross-chain vulnerabilities.
The decentralized finance (DeFi) sector faced a significant security crisis in April 2026, headlined by a $292 million exploit of the Kelp DAO protocol [2]. The incident, which involved the theft of approximately 116,500 rsETH, triggered a broader liquidity disruption across the crypto lending market and contributed to a record-breaking month for industry losses [1].
Key takeaways
The Kelp DAO attack originated from a compromise of the protocol’s cross-chain infrastructure. According to a post-mortem report from LayerZero, whose messaging protocol supported the bridge, the incident began on March 6 when a developer was targeted by a social engineering campaign that resulted in the theft of session keys [2]. Security firms Mandiant and CrowdStrike attributed the subsequent April 18 drain to the North Korea-linked threat actor TraderTraitor [2].
The fallout from the theft was immediate and widespread. The attacker deposited a large portion of the stolen rsETH into the Aave lending platform as collateral to borrow wrapped Ether, creating $190 million in bad debt [1]. This triggered a massive wave of withdrawals, causing Aave’s total value locked to plummet [1]. In response, a relief effort led by Aave CEO Stani Kulechov, known as “DeFi United,” raised approximately $303 million in ETH to backstop the bad debt [2]. By mid-May, Kelp DAO began the process of restoring operations, reopening rsETH bridging and withdrawals after a five-week recovery period [1].
Experts suggest that the Kelp DAO incident is part of a recurring pattern of failures in DeFi architecture, particularly regarding cross-chain bridges and privileged access controls [2]. Raz Niv, CTO of Blockaid, noted that attackers are methodically probing trust assumptions in complex infrastructure, such as multisig thresholds and proxy upgrades [2]. Furthermore, there is growing concern that artificial intelligence is lowering the barrier for exploit discovery, allowing attackers to automate reconnaissance and identify vulnerabilities in older or unverified smart contracts more efficiently [2].
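The multisig-threshold and proxy-upgrade trust assumptions Niv describes can be checked mechanically rather than by reading a Safe's owner list and trusting the nominal "2-of-3". The Python below is an added example, not code from Kelp DAO, LayerZero, Blockaid or any project named on this page. It models the signers behind one privileged action (a proxy upgrade, say) as a tree of EOAs and nested multisigs and asks how many distinct keys an attacker must steal, through phishing or session-key theft, before the action can be executed with no legitimate signer involved. All signer names, the admin structure and the policy of "at least two independent keys" are constructed assumptions.

```python
"""Minimum-compromise check for a privileged action's signer tree.

Added example, not code from Kelp DAO, LayerZero, Blockaid or any project
named on the page. An EOA is one key; a multisig is t-of-N over owners that
may themselves be multisigs. The check answers: how many distinct keys must
be stolen before the action runs without any legitimate signer?  Every
signer name and structure below is constructed.
"""
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Signer:
    name: str
    threshold: int = 1      # keys needed to act; 1 for an EOA
    owners: tuple = ()      # empty for an EOA, Signers for a multisig

    def __post_init__(self):
        if self.owners and not 1 <= self.threshold <= len(self.owners):
            raise ValueError(f"{self.name}: threshold {self.threshold} "
                             f"invalid for {len(self.owners)} owners")


def leaf_keys(signer: Signer) -> set:
    """All EOA (leaf) key names reachable from this signer."""
    if not signer.owners:
        return {signer.name}
    keys = set()
    for owner in signer.owners:
        keys |= leaf_keys(owner)
    return keys


def satisfied(signer: Signer, held: set) -> bool:
    """True if an attacker holding the keys in `held` can make `signer` act."""
    if not signer.owners:
        return signer.name in held
    votes = sum(satisfied(owner, held) for owner in signer.owners)
    return votes >= signer.threshold


def min_compromise_set(signer: Signer) -> set:
    """Smallest set of distinct EOA keys whose theft suffices to act as `signer`.

    Exhaustive over key subsets by increasing size: exact, and cheap for the
    handful of keys a real admin tree has, but exponential in the key count.
    """
    keys = sorted(leaf_keys(signer))
    for size in range(1, len(keys) + 1):
        for combo in combinations(keys, size):
            if satisfied(signer, set(combo)):
                return set(combo)
    return set()  # unreachable for a valid tree


def audit_action(action: str, gate: Signer, required_independent_keys: int = 2) -> list:
    """Findings (strings) where the action needs fewer stolen keys than policy allows."""
    weakest = min_compromise_set(gate)
    findings = []
    if len(weakest) < required_independent_keys:
        findings.append(f"{action}: {gate.name} falls to {len(weakest)} key(s) "
                        f"{sorted(weakest)}; policy requires {required_independent_keys}")
    return findings


# Constructed admin structure (hypothetical names). On paper the proxy admin is a
# 2-of-3 Safe, but one owner is itself a 1-of-2 Safe that shares dev_a with the
# parent, so stealing dev_a alone yields two of the three votes.
dev_a, dev_b, dev_c = Signer("dev_a"), Signer("dev_b"), Signer("dev_c")
ops_safe = Signer("ops_safe", threshold=1, owners=(dev_a, dev_c))
NESTED_ADMIN = Signer("bridge_proxy_admin", threshold=2, owners=(dev_a, dev_b, ops_safe))

# Same nominal 2-of-3 with independent owners: two separate thefts are needed.
INDEPENDENT_ADMIN = Signer("bridge_proxy_admin_fixed", threshold=2,
                           owners=(dev_a, dev_b, dev_c))

if __name__ == "__main__":
    for gate in (NESTED_ADMIN, INDEPENDENT_ADMIN):
        print(gate.name, "->", sorted(min_compromise_set(gate)))
    for finding in audit_action("upgradeTo(newImpl)", NESTED_ADMIN):
        print("FINDING:", finding)
```

The point of the nested case is that a stolen developer session or key is one leaf here, and a structure that looks like 2-of-3 in the Safe UI collapses to a single key when an owner multisig shares a member with its parent. The check treats a stolen key as fully under attacker control, which is the right assumption after a social-engineering compromise; it does not model timelocks or guardians, which would have to be added as further gates.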
AI-assisted synthesis by the TrendWatcher Editorial Desk · sourced from 2 outlets · Jun 1, 2026
The 2026 surge in exploits has highlighted a shift in the threat landscape, with North Korea-linked actors accounting for 76% of global crypto hack losses through April [2]. Security investigators emphasize that while code audits are essential, they do not protect against sophisticated social engineering campaigns that target human processes [2]. As the industry moves forward, experts suggest that cybersecurity must be treated as a "full-stack problem," requiring a combination of real-time public-private coordination and the deployment of AI-assisted defensive tools to keep pace with increasingly aggressive adversaries [2].
DAO background
A DAO is a decentralized autonomous organization that uses blockchain-based software and smart contracts to manage organizational processes like voting and finance.
Voting power is typically coordinated through governance tokens or NFTs, where holding a larger quantity of tokens often translates to greater influence over organizational decisions.
The legal status of DAOs is generally unclear and varies by jurisdiction, though some states like Wyoming have introduced legislation to recognize them as legal entities.
Because DAO code is difficult to alter once live, fixing security holes often requires writing new code and reaching an agreement to migrate all funds to a new system.