Crypto Hacks Hit $630M in April 2026 as KelpDAO and Drift Breach DeFi Bridges

Crypto hacks in April 2026 totaled about $630M, the highest monthly figure since February 2025 and the worst theft month in 14 months. Security firms CertiK, PeckShield and DeFiLlama broadly confirmed the range, estimated at roughly $630M–$651M depending on incident scope. Two DeFi attacks dominated losses. KelpDAO, on Ethereum, lost around $293M after an 18 April exploit of the LayerZero cross-chain bridge; it paused contracts afterward. Drift Protocol, on Solana, lost about $280M after an attacker gained an administrator key. Together, KelpDAO and Drift accounted for more than 90% of April’s crypto hacks. For traders, this is a near-term risk signal for DeFi infrastructure and cross-chain bridge security. Crypto hacks like these can pressure sentiment, increase scrutiny of smart-contract and collateral reliability, and raise the odds of short-term volatility as markets reprice counterparty risk across ETH and BTC-linked flows.
Bearish
The updated reporting reinforces that April’s crypto hacks were not spread thinly across the market—two incidents drove over 90% of losses. That concentration increases the probability of immediate de-risking: liquidity providers may widen spreads, lending platforms may tighten collateral and bridge assumptions, and traders may reduce exposure to ETH/SOL-linked DeFi positions. In the short term, bridge and smart-contract compromise headlines typically raise perceived counterparty risk, which can weigh on prices and trigger volatility around ETH and SOL ecosystems. Over the longer term, the magnitude ($630M–$651M) and the “DeFi-only” framing (depending on how firms count incidents) could accelerate security upgrades and monitoring, but until mitigations are proven, market sentiment is likely to remain cautious. Overall, this is bearish for the traded assets directly tied to the affected DeFi and cross-chain rails (ETH, SOL, and related BTC-flow narratives).