After the $16.5 billion in exploits, DeFi is now being forced toward the controls it once resisted

The decentralized finance (DeFi) sector suffered another major blow when attackers linked to North Korea's Lazarus Group orchestrated a sophisticated attack on KelpDAO's rsETH infrastructure on April 18. The exploit resulted in $200 million in bad debt appearing on Aave's balance sheet, despite the lending protocol's smart contracts functioning perfectly as designed. Chainalysis preliminary analysis suggests the attackers compromised RPC infrastructure, executed DDoS attacks to force failover to poisoned nodes, and injected false data through KelpDAO's 1-of-1 DVN configuration.

This incident adds to the staggering $16.5 billion in total DeFi exploits that have plagued the sector since its inception. The rsETH crisis represents a particularly concerning evolution in attack vectors, demonstrating how bad actors can exploit infrastructure vulnerabilities rather than smart contract flaws directly. The sophisticated nature of the attack, involving multiple layers of technical manipulation, highlights the growing complexity of threats facing decentralized protocols.

The mounting losses are forcing the DeFi industry to reconsider its foundational resistance to traditional financial controls and oversight mechanisms. Projects that once championed complete decentralization are now implementing additional security measures, multi-signature requirements, and governance frameworks that mirror traditional finance safeguards. This shift represents a fundamental tension between maintaining decentralized principles and ensuring user fund security.

Industry observers will be monitoring how major DeFi protocols respond with enhanced security measures and whether regulators use these incidents to justify increased oversight requirements.

Source: CryptoSlate

Read original article ↗