Crypto hacks top $600m in April, pushing a ‘security tax’ across DeFi
Crypto hacks have already topped $606m in April (first 18 days), making it the worst month for exploits since February 2025 and lifting 2026’s year-to-date total above $770m. The “security tax” is emerging as a market-wide risk premium as stolen funds hit DeFi, bridges, and wallets.
Key incidents: KelpDAO was attacked on April 18, draining about 116,500 rsETH worth roughly $292m after forged cross-chain messages tricked a LayerZero EndpointV2 bridge contract. Drift Protocol (Solana’s largest decentralized perps venue) suffered an exploit on April 1, losing about $285m. DefiLlama data cited at least 13 compromised protocols so far, with KelpDAO and Drift accounting for ~95% of April losses.
The attack surface is broadening beyond smart-contract bugs. Incidents reportedly include infrastructure and routing issues (e.g., Hyperbridge) and front-end/DevOps compromise at Vercel, with stolen data allegedly sold for $2m to support “global supply chain attacks.” Wallet security also faced AI-driven social engineering: Zerion disclosed attacks by DPRK-linked hackers (UNC1069) that compromised hot-wallet keys using long-horizon campaigns, stealing about $100,000 while keeping user funds and core infrastructure mostly intact.
Market reaction: between 11:00 and 13:00 UTC on news-heavy days, mid-cap DeFi showed capitulation-style selloffs (~5–8% single-session drawdowns), thin bids, and rotation toward protocols with stronger security. Derivatives funding skewed mildly negative for DeFi, consistent with a “security tax” on leveraged beta. Traders may respond by fading leveraged DeFi exposure on exploit headlines and favoring higher-quality venues and volatility/infra strategies until bad-debt recognition is completed on-chain.
Bearish
The article frames April’s exploit wave as a persistent, market-wide “security tax,” not isolated incidents. Historically, large, fast-moving breaches (e.g., major bridge or wallet compromises) tend to trigger short-term deleveraging: funding turns negative, liquidity thins, and mid-cap DeFi tokens sell off more than majors. The described capitulation signatures and spot/liquidity drain support a bearish near-term read.
Medium-to-long term, repeated compromises can shift capital allocation toward better-audited protocols and centralized venues, keeping a structural discount on higher-risk DeFi beta until security metrics and incident recovery processes stabilize. If attackers’ ability to combine forged messages, infrastructure compromise, and AI-driven social engineering continues, the risk premium may remain elevated even if individual tokens recover—creating choppy markets and higher volatility rather than a clean rebound.