The findings were published in a Wednesday report led by managing director Nikolaos Panigirtzoglou.
Crypto News
JPMorgan analysts say recurring security breaches and weak capital growth are preventing institutions from committing to decentralized finance. The findings were published in a Wednesday report led by managing director Nikolaos Panigirtzoglou.
The Kelp DAO exploit served as the central example in the report. The attack erased an estimated $20 billion from DeFi total value locked within a matter of days, according to the analysts.
The attacker exploited a cross-chain bridge to mint $292 million in unbacked rsETH tokens. Those tokens were then used as collateral on the lending protocol Aave to borrow real Ethereum, leaving an estimated $230 million in bad debt across the protocol.
Losses did not stay contained to platforms directly exposed to rsETH. Capital fled from pools with no direct connection to the compromised asset, which the analysts said demonstrates how DeFi's interconnected structure turns localized breaches into sector-wide shocks.
LayerZero and independent blockchain security researchers have attributed the attack to North Korea's Lazarus Group. Some of the stolen funds have been frozen, while the remainder continues to move through wallets and privacy protocols.
Total hack losses across the crypto sector this year are running at roughly the same pace as 2025, the analysts noted. Smart contract auditing has improved, but cross-chain bridge security remains the segment with the highest concentration of unresolved risk.
Growth figures add to the concerns. In dollar terms, DeFi TVL has partially recovered alongside the broader crypto market. In Ethereum terms, TVL has stayed flat, which the analysts said raises questions about whether the sector can generate the organic growth needed to attract institutional capital at scale.
During periods of stress, investors have moved funds out of DeFi and into stablecoins. The analysts said USDT benefits from deeper liquidity on centralized exchanges and faster off-ramp options, positioning it as the preferred exit vehicle during on-chain stress. That rotation has not yet shown up in USDT market cap growth, the analysts added. On-chain analytics firm CryptoQuant separately reported that borrowing rates across DeFi surged sharply in the wake of the exploit, reflecting a broader liquidity squeeze that followed the attack.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
