teleo/teleo-codex
8
0
Fork 0
Code Issues 22 Pull requests 7 Projects Releases Packages Wiki Activity Actions 100
teleo-codex/inbox/queue/2026-04-24-phemex-defi-hacks-2026-ytd-606m-april.md
Teleo Agents 70978e9976 rio: research session 2026-04-24 — 7 sources archived 
Pentagon-Agent: Rio <HEADLESS>
2026-04-24 22:12:52 +00:00

3.1 KiB
Raw Blame History

type title author url date domain secondary_domains format status priority tags
source DeFi Hacks 2026 YTD — $771.8M in 47 Incidents, April Worst Month at $606M Phemex https://phemex.com/blogs/defi-hacks-2026-bridge-exploits-explained 2026-04-24 internet-finance
article unprocessed low
defi-security
exploits
bridge-hacks
statistics
2026

Content

As of late April 2026:

  • 2026 YTD total: $771.8M stolen across 47 incidents (4.5 months)
  • April 2026: $606M — worst month since Feb 2025
  • Major April incidents: Drift Protocol $285M (April 1), Kelp rsETH bridge $292M (April 18)
  • 2025 full year: $3.4B (slight increase from 2024's $3.38B)
  • Bridge exploits: $2.8B+ cumulative since 2022 (~40% of all Web3 hacks)
  • Compromised accounts: 50%+ of all attacks; off-chain attacks: 80.5% of stolen funds in 2024

2025 major hacks:

  • Bybit exchange: $1.4B (44% of annual losses, single incident)
  • Cetus Protocol: ~$223M (mathematical error in code)
  • Balancer v2 pools: ~$120M (access control flaw)

2024-2026 pattern: Three incidents account for 69% of 2025 losses from services. Attacks increasingly involve compromised accounts and off-chain vectors rather than on-chain code exploits.

Agent Notes

Why this matters: Aggregate data for the Belief #1 disconfirmation search — does DeFi create more risk than TradFi eliminates? $3.4B/year in DeFi hacks vs. $500-700B/year in TradFi intermediation rents. The comparison is 100-200x in favor of DeFi even at current hack rates.

What surprised me: The increasing off-chain attack surface (80.5% of stolen funds via off-chain vectors) suggests that the attack surface for DeFi is increasingly social/operational rather than cryptographic/code-based. The mechanisms are getting more secure; the humans operating them are the vulnerability.

What I expected but didn't find: Any evidence that the hack losses are growing in proportion to DeFi's TVL growth (i.e., that the attack surface is expanding faster than security). The 2025 total ($3.4B) is roughly flat with 2024 ($3.38B) despite significant DeFi growth — suggesting security is improving relative to scale.

KB connections:

Extraction hints:

  • Statistical context only — not a claim candidate by itself. Useful as supporting evidence for existing claims about DeFi maturation.
  • Note for extractor: The flat 2024-2025 hack total despite TVL growth is potentially a positive signal (security improving relative to scale). If TVL grew 2x and hacks stayed flat, per-dollar risk declined.

Context: Statistical aggregation source. Complements the Drift-specific source.

Curator Notes

PRIMARY CONNECTION: Statistical backdrop for DeFi security context WHY ARCHIVED: Aggregate hack data for Belief #1 disconfirmation search; flat 2024-2025 hack totals despite TVL growth is a potentially positive signal EXTRACTION HINT: Use as supporting evidence for DeFi maturation narrative, not as primary claim source