Aave Crypto Theft Sparks Recovery Effort as Lido and EtherFi Lead Aid Initiative

Aave is rallying decentralized finance partners to contain the fallout from the $292 million KelpDAO hack, with Lido and EtherFi among the first to offer aid as industry players coordinate a recovery effort following the year’s biggest crypto theft.

The exploit began on April 18, 2026, when an attacker found a vulnerability in KelpDAO’s LayerZero bridge, allowing the release of approximately 116,500 rsETH tokens worth around $293 million, according to CoinDesk. The stolen rsETH was then deposited into Aave V3 as collateral and used to borrow substantial amounts of wrapped ETH, generating roughly $196 million in bad debt for the protocol.

Aave’s total value locked collapsed from $26.4 billion on April 18 to nearly $20 billion by Sunday morning, a decline of roughly $6.6 billion, as reported by Unchained Crypto. The attack hit the exact collateral-to-borrowing pair that dominates Aave’s book, with wrapped ETH representing 39.49% of all loans on the protocol.

In the 24 hours after the hack, whales pulled more than $6 billion from Aave, pushing major pools like ETH, USDT and USDC to 100% utilization and effectively trapping remaining depositors’ funds. Stranded users then borrowed roughly $300 million against their own locked stablecoin deposits at steep losses just to access liquidity, according to Chaos Labs data cited by CoinDesk.

Aave responded by freezing rsETH markets on both V3 and V4 to prevent additional collateral deposits. Founder Stani Kulechov confirmed Aave’s smart contracts were not compromised and said both versions “do not have further exposure to rsETH.” However, Aave’s response to the bad debt question shifted during the episode: an initial statement suggesting the Umbrella safety module could cover the deficit was revised hours later to say the protocol would “explore paths to offset the deficit,” sparking fears that the reserve may fall short and that stkAAVE stakers could be called on to absorb residual losses.

The Aave token fell nearly 20% to $89.5 in just over 24 hours following the exploit, as reported by CoinTelegraph. Industry players are now coordinating a recovery effort, with Lido and EtherFi being the first to offer aid in containing the fallout from what has been described as the year’s biggest crypto theft.