Close to $14 billion has been pulled from DeFi projects in recent weeks, the Financial Times (FT) reported Wednesday (May 6), citing the data firm DefiLlama.
This came after hackers tied to the North Korean government stole $290 million from the KelpDAO platform and used the stolen funds as collateral to borrow $230 million from Aave, the sector’s biggest lender. Weeks earlier, hackers siphoned $280 million from DeFi exchange Drift.
The FT characterizes the incidents as a major blow to DeFi, which replaces intermediaries like banks and brokers with automated contracts. In this sector, the report added, the security of the blockchain is crucial. The incidents also happened at a time when the traditional financial world is experimenting with blockchain adoption.
“The fallout is severe,” Lucas Tcheyan, research associate at crypto group Galaxy, told the FT. He added that the hacks “undermine[s] arguments that crypto offers a safer and more transparent alternative to legacy financial rails.”
According to the report, the DeFi space saw a growth spurt in 2020, with the market’s size ballooning from less than $1 billion to around $180 billion in 2021.
The sector has since expanded into an interwoven network of financial applications, the FT added, though those connections have been revealed as a liability following the hacks. Since then, the market has shrunk to roughly $86 billion.
In a recent episode of the “From the Block” podcast, PYMNTS CEO Karen Webster and Ryan Rugg, global head of digital assets for Citi Treasury and Trade Solutions, explored why the Kelp DAO incident was both a technical and behavioral failure.
While earlier attacks targeted private keys or flawed smart contracts, this hack involved the connective tissue of blockchain ecosystems: the messaging layer that allows for interoperability across chains.
“Past hacks were due to stolen keys or bugs in smart contracts, this one was convincing the vault the thief was actually the owner,” Rugg said.
As PYMNTS wrote, the incident spotlights the tension between crypto’s desire for open, interoperable systems and the institutional demand for security and control.
“Does this delay the institutional adoption of DeFi? Maybe,” Rugg said. “It is going to take some of the confidence out of the market.”
Still, she stopped short of calling the hack a defining setback, adding that any institutionally driven decision will likely depend on whether firms can implement “proper redundancy and security at every layer where the trust resides.”