DeFi變成駭客後花園？一個月13起攻擊、6.3億美元被捲

📄完整原文· 由 trafilatura 自動擷取Gemini 翻譯1594 字

April 2026 was the month with the highest recorded amount of cryptocurrency stolen by hackers. According to DeFiLlama data, at least 13 DeFi protocols were attacked within 30 days, resulting in cumulative losses exceeding $630 million. Drift Protocol and KelpDAO alone accounted for 92% of the month's losses, with both incidents attributed by security firms to the North Korean Lazarus Group. From the start on April Fools' Day to the final blow on the last day of the month when Wasabi Protocol was drained of $5 million, there was hardly a safe day. (Context: Ledger CTO warns: 2026 is the worst year for hackers, DeFi single-signature architecture harbors systemic crisis) (Background: Kelp DAO hacked: 10+ DeFi protocols including Ethena and ether.fi cut off LayerZero cross-chain bridge connections) With hackers running rampant, DeFi in April felt like a hacker's playground, with an incident occurring on average every three days. This included incidents involving stolen admin keys, hijacked cross-chain bridges, and protocols seeing their TVL slashed in half. - 04/01｜Drift Protocol｜Solana｜$285 million: The attacker stole admin keys, forged CVT tokens as collateral, and drained over half of the TVL within 12 minutes. Lazarus Group is suspected. The largest single attack of 2026. - 04/12｜Hyperbridge｜$2.5 million: Exploitation of a cross-chain bridge contract vulnerability. - 04/16｜Rhea Finance｜$18.4 million: Unauthorized withdrawal from the protocol's liquidity pool. - 04/16｜Grinex｜$15 million: The second incident of the day, with funds stolen from the trading platform. - 04/18｜KelpDAO｜Ethereum / LayerZero｜$293 million: The attacker hijacked RPC nodes, utilized a 1-of-1 validator configuration to inject false messages, and drained 116,500 rsETH (18% of circulating supply). Lazarus Group confirmed. AAVE TVL evaporated by $10 billion in a single day. - 04/20｜ThetanutsFi｜$50,000: Small-scale vulnerability exploitation. - 04/20｜JuiceboxETH｜Ethereum｜$52,000: The second incident of the day, contract vulnerability. - 04/21｜Volo｜Sui｜$3.5 million: Funds stolen from a protocol on the Sui chain. - 04/25｜Purrlend｜$1.52 million: Lending protocol attacked. - 04/26｜Scallop.io｜$142,000: Small-scale vulnerability exploitation. - 04/27｜ZetaChain｜$334,000: Cross-chain protocol exploited. - 04/29｜AftermathFi｜$1.14 million: Abnormal withdrawal from the protocol's liquidity pool. - 04/30｜Wasabi Protocol｜ETH / Base / Blast / Berachain｜Over $5 million: Admin keys stolen; the attacker granted themselves administrative privileges and replaced the contract with a malicious version, draining four chains simultaneously. The time-lock was set to zero. The final blow of April. All turned into pocket money for the General. Of the $630 million total losses in April, Drift Protocol ($285 million) and KelpDAO ($293 million) combined for $578 million, accounting for 92%. While the attack methods differed, on-chain tracking by security firms TRM Labs and Chainalysis both pointed to the same criminal organization: the North Korean Lazarus Group. These two attacks triggered an exodus of approximately $13 billion in DeFi funds. Ledger CTO Charles Guillemet warned: "DeFi's single-signature architecture harbors a systemic crisis; 2026 is highly likely to be the worst year for hackers." The final blow to an old protocol: Wasabi Wasabi Protocol was breached on the last day of April, but the amount was "only" over $5 million. Wasabi itself had used an access control framework that supported time-locks, but the delay was set to zero, which is equivalent to installing a safe but leaving it unlocked. DeFi father Andre Cronje said in April: "Decentralized finance is dead, it's all for-profit enterprises now." It seems hard to refute him now.

資料狀態✓ 已擷取全文閱讀原文（動區 BlockTempo）

🔍歷史類似事件· 關鍵字 + 標的比對0 則

找不到相似事件（需要更多資料樣本或 embedding 搜尋，目前為 MVP 關鍵字比對）

原始資訊

ID：d49683e6b0

來源：動區 BlockTempo

發佈：2026-05-01 07:29:30

分類：hot · 導出分類 hot

標的：未指定

社群投票：+0 / −0 · ⭐ 1 重要 · 💬 0 留言