Aave has completed liquidating the Kelp DAO hacker’s remaining rsETH-backed loans on Ethereum and Arbitrum. These loans were among the largest positions from April’s $293 million exploit.
The move marks a key step in a broader DeFi United recovery plan. The plan aims to restore rsETH’s backing and remove bad debt from lending markets.
How the Kelp DAO rsETH Exploit Hit Aave
On April 18, an attacker exploited Kelp DAO’s LayerZero‑based rsETH bridge and minted 116,500 rsETH on Ethereum without burning tokens on the source chain. This single forged message cut the bridge’s OFT adapter balance from 116,723 rsETH to just 223 in one block, creating unbacked restaked Ether. The attacker then split the stolen rsETH across seven addresses and started using it as collateral in DeFi.
Reports from Llamarisk and other analysts say the exploiter deposited about 89,500 rsETH into Aave v3 on Ethereum and Arbitrum. From there, they borrowed tens of thousands of WETH and other assets, leaving Aave facing roughly 123 million to 230 million dollars in potential bad debt, depending on how losses are assigned. Aave’s risk teams responded by freezing all rsETH markets and urging WETH suppliers to withdraw liquidity while they assessed the situation.
Aave Clears the Hacker’s rsETH Positions
Aave Labs says it has finished liquidating the attacker’s remaining rsETH‑backed positions on Ethereum mainnet and Arbitrum. Those loans came from exploited rsETH that moved through the bridge and into Aave as collateral. By force‑closing them, Aave converts the hacker’s collateral and borrowed assets into funds that support the broader recovery.
The liquidation does not fix the hole created by unbacked rsETH. However, it stops the attacker from extracting more value. It also prevents further market manipulation using those positions.
The move gives DeFi United and other providers clearer visibility on remaining bad debt. Treasuries, insurance, or external contributors must cover that debt. Aave emphasizes its core smart contracts were not exploited.
The losses came from accepting a bridged asset with compromised backing.
This step fits into DeFi United, a wider recovery effort across Aave, Kelp DAO, Llamarisk, and other ecosystem teams. Their goal is to restore rsETH’s backing and absorb bad debt so regular DeFi users do not end up carrying losses. To do that, they are seeking support from major issuers and protocols such as Circle, Ethena, Frax, and Kraken‑backed Ink, though those commitments are not yet final.
READ MORE: Crypto Rally Today: Why Zcash, Toncoin, LUNC, and ICP are Going Up
