Wasabi Protocol Hack: $4.55M stolen via admin-key takeover

Published: 2026-04-30 12:37:21 |

Wasabi Protocol hack resulted in a $4.55M loss, with attackers taking control by stealing the EOA private key (wasabideployer.eth). They then transferred the single ADMIN_ROLE permission to themselves and replaced UUPS upgrade logic. According to Blockaid, the grantRole call enabled malicious code swaps for Wasabi’s perp vaults and Long Pool. Funds were drained across Ethereum and Base: - Ethereum: wWETH, sUSDC, wBITCOIN, wPEPE vaults - Base: sUSDC, wWETH, sBTC, sVIRTUAL, sAERO, sBRETT vaults Immediate remediation was advised: revoke LP token approvals to limit further exposure after the Wasabi Protocol hack. The article notes the attack mirrors the earlier DRIFT futures incident, where an admin key (without timelock/multisig) was exploited quickly. It also links this to broader DeFi security concerns, citing multiple recent hacks and rising cumulative DeFi losses. Market context: ETH remains under pressure from ongoing DeFi trust damage, with the report describing a sideways RSI regime and a bearish Supertrend indicator.

Bearish

This news is bearish for traders because the Wasabi Protocol hack highlights a systemic DeFi governance weakness: a single admin key (ADMIN_ROLE) can bypass timelocks/multisig controls and enable rapid UUPS upgrade takeovers. That typically triggers immediate trust erosion and risk-off positioning, especially for perp and vault-heavy DeFi venues. In the short term, stolen funds and “revoke LP approvals” alerts often lead to lower liquidity, wider spreads, and caution in DeFi-related tokens, while ETH may see sell pressure from sentiment. The report’s reference to similar incidents (e.g., DRIFT) suggests traders may price in repeat-risk across other venues with comparable permission structures. In the long term, market impact depends on whether operators and the ecosystem harden permissioning (multisig, timelocks, layered roles). If mitigations quickly spread, the downside could fade; otherwise, repeated admin-key failures can keep volatility elevated and suppress DeFi allocations.