April 2026 has shown the persistent vulnerabilities in the crypto sector, especially in decentralized finance (DeFi) . As a result, the month has recorded major exploits targeting Drift Protocol and KelpDAO. As per the data from Phoenix Group, these exploits have shaken the wider DeFi market and investor confidence. At the same time, the incidents also indicate the growing sophistication of the methods that the exploiters use to target the DeFi platforms.
BIGGEST CRYPTO EXPLOITS OF APRIL
— PHOENIX – Crypto News & Analytics (@pnxgrp) April 21, 2026
April was marked by a wave of major crypto exploits: #DriftProtocol
Exploit date: April 1, 2026
Amount lost: $285M
The attack relied on social engineering to compromise multisig governance and used Solana’s durable nonces to pre-sign admin… pic.twitter.com/YpF63bmaaE
Drift Protocol Starts April 2026 with $285M Loss with Latest Exploit
Drift Protocol, which is an open-sourced and decentralized exchange developed on the Solana blockchain, commenced its April journey with a notable exploit. Hence, on the 1st of April, the exploiter took away $285M from Drift Protocol. For this purpose, the attacker leveraged social engineering techniques.
Particularly, the exploiter compromised Drift Protocol’s multisig governance. In addition to this, the hacker also utilized the durable nonces of Solana to reportedly pre-sign admin transactions weeks ahead of the exploit. This permitted the attacker to circumvent security as well as execute the respective attack within minutes.
KelpDAO Sees Biggest DeFi Exploit of April with Loss of $293M
According to Phoenix Group, KelpDAO experienced the biggest DeFi exploit in the crypto sector in April. Specifically, on the 18th of this month, the popular liquid restaking platform went through a $293M drainage, with the attacker tricking the cross-chain messaging layer of the platform. Thus, it made the messaging layer believe the arrival of a valid instruction from another ecosystem.
As a result, due ot this, the $rsETH bridge of KelpDAO released 116,500 $rsETH to the address controlled by the attacker. Many market onlookers associate the attack with the notorious hacking group of North Korea, Lazarus Group. Overall, these DeFi exploits have substantially impacted the crypto market, displaying the requirement for more efficient security solutions.
