{"id":73598,"date":"2026-04-20T09:06:49","date_gmt":"2026-04-20T02:06:49","guid":{"rendered":"https:\/\/hbbgroup.net\/aave-sees-6-billion-deposit-drop-as-kelp-hack-exposes-structural-risk-for-defi-lender\/"},"modified":"2026-04-20T09:50:04","modified_gmt":"2026-04-20T02:50:04","slug":"aave-sees-6-billion-deposit-drop-as-kelp-hack-exposes-structural-risk-for-defi-lender","status":"publish","type":"post","link":"https:\/\/hbbgroup.net\/zh\/aave-sees-6-billion-deposit-drop-as-kelp-hack-exposes-structural-risk-for-defi-lender\/","title":{"rendered":"Aave ghi nh\u1eadn l\u01b0\u1ee3ng ti\u1ec1n g\u1eedi s\u1ee5t gi\u1ea3m 6 t\u1ef7 USD khi v\u1ee5 hack Kelp ph\u01a1i b\u00e0y r\u1ee7i ro c\u1ea5u tr\u00fac \u0111\u1ed1i v\u1edbi giao th\u1ee9c lending DeFi."},"content":{"rendered":"
\n

Token AAVE \u0111\u00e3 gi\u1ea3m 16% v\u00e0 d\u00f2ng ti\u1ec1n g\u1eedi r\u00fat kh\u1ecfi giao th\u1ee9c sau khi c\u00e1c attacker s\u1eed d\u1ee5ng rsETH b\u1ecb r\u00fat c\u1ea1n l\u00e0m t\u00e0i s\u1ea3n th\u1ebf ch\u1ea5p \u0111\u1ec3 vay wrapped ether, bu\u1ed9c Aave ph\u1ea3i \u0111\u00e1nh gi\u00e1 quy m\u00f4 bad debt m\u00e0 giao th\u1ee9c \u0111ang g\u00e1nh.<\/h4>\n

C\u1eadp nh\u1eadt: 19\/04\/2026, 15:47. Xu\u1ea5t b\u1ea3n: 19\/04\/2026, 14:56.<\/p>\n

Make preferred on <\/a><\/p>\n<\/div>\n

\n

Aave v\u1eeba ch\u1ee9ng ki\u1ebfn 6,6 t\u1ef7 USD b\u1ecb r\u00fat kh\u1ecfi giao th\u1ee9c \u2014 v\u00e0 \u0111i\u1ec1u \u0111\u00e1ng ch\u00fa \u00fd l\u00e0 b\u1ea3n th\u00e2n Aave kh\u00f4ng b\u1ecb hack.<\/p>\n

T\u1ed5ng gi\u00e1 tr\u1ecb kh\u00f3a (TVL) c\u1ee7a giao th\u1ee9c \u0111\u00e3 gi\u1ea3m t\u1eeb 26,4 t\u1ef7 USD v\u00e0o ng\u00e0y 18\/4 xu\u1ed1ng g\u1ea7n 20 t\u1ef7 USD trong phi\u00ean s\u00e1ng t\u1ea1i M\u1ef9 v\u00e0o Ch\u1ee7 nh\u1eadt, theo d\u1eef li\u1ec7u t\u1eeb DefiLlama. Token AAVE gi\u1ea3m 16% xu\u1ed1ng c\u00f2n 92 USD, trong khi ph\u00ed giao th\u1ee9c h\u00e0ng ng\u00e0y t\u0103ng v\u1ecdt l\u00ean 1,99 tri\u1ec7u USD do l\u00e0n s\u00f3ng thanh l\u00fd di\u1ec5n ra xuy\u00ean su\u1ed1t cu\u1ed1i tu\u1ea7n.<\/p>\n

Ng\u01b0\u1eddi g\u1eedi ti\u1ec1n \u0111ang r\u00fat v\u1ed1n v\u00ec Aave ph\u1ea3i g\u00e1nh m\u1ed9t \u201cl\u1ed7 h\u1ed5ng\u201d m\u00e0 h\u1ecd kh\u00f4ng tr\u1ef1c ti\u1ebfp t\u1ea1o ra. Khi attacker r\u00fat c\u1ea1n 116.500 rsETH t\u1eeb bridge c\u1ee7a Kelp v\u00e0o th\u1ee9 B\u1ea3y, h\u1ecd \u0111\u00e3 s\u1eed d\u1ee5ng s\u1ed1 token n\u00e0y l\u00e0m t\u00e0i s\u1ea3n th\u1ebf ch\u1ea5p tr\u00ean Aave V3 v\u00e0 vay ra wrapped ether (WETH).<\/p>\n

C\u00e1c c\u00f4ng c\u1ee5 theo d\u00f5i on-chain \u01b0\u1edbc t\u00ednh ri\u00eang tr\u00ean Aave, l\u01b0\u1ee3ng t\u00e0i s\u1ea3n b\u1ecb vay kho\u1ea3ng 196 tri\u1ec7u USD, trong khi t\u1ed5ng v\u1ecb th\u1ebf tr\u00ean Aave, Compound v\u00e0 Euler v\u00e0o kho\u1ea3ng 236 tri\u1ec7u USD.<\/p>\n

Aave l\u00e0 giao th\u1ee9c lending l\u1edbn nh\u1ea5t trong DeFi, n\u01a1i ng\u01b0\u1eddi d\u00f9ng g\u1eedi crypto \u0111\u1ec3 ki\u1ebfm yield v\u00e0 ng\u01b0\u1eddi kh\u00e1c vay d\u1ef1a tr\u00ean t\u00e0i s\u1ea3n th\u1ebf ch\u1ea5p. Kelp l\u00e0 m\u1ed9t giao th\u1ee9c liquid restaking, nh\u1eadn ETH \u0111\u00e3 staking tr\u00ean Ethereum, sau \u0111\u00f3 t\u00e1i ph\u00e2n b\u1ed5 qua h\u1ec7 th\u1ed1ng t\u1ea1o l\u1ee3i su\u1ea5t nh\u01b0 EigenLayer v\u00e0 ph\u00e1t h\u00e0nh token \u0111\u1ea1i di\u1ec7n l\u00e0 rsETH.<\/p>\n

Ch\u00ednh rsETH n\u00e0y \u0111\u01b0\u1ee3c giao d\u1ecbch tr\u00ean th\u1ecb tr\u01b0\u1eddng v\u00e0 \u2014 quan tr\u1ecdng h\u01a1n \u2014 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng l\u00e0m t\u00e0i s\u1ea3n th\u1ebf ch\u1ea5p tr\u00ean Aave.<\/p>\n

V\u00e0o th\u1ee9 B\u1ea3y, attacker \u0111\u00e3 khai th\u00e1c bridge cross-chain c\u1ee7a Kelp, khi\u1ebfn h\u1ec7 th\u1ed1ng ph\u00e1t h\u00e0nh 116.500 rsETH (kho\u1ea3ng 292 tri\u1ec7u USD) v\u00e0o v\u00ed do h\u1ecd ki\u1ec3m so\u00e1t. Sau \u0111\u00f3, h\u1ecd n\u1ea1p s\u1ed1 rsETH n\u00e0y v\u00e0o Aave V3 l\u00e0m collateral v\u00e0 vay WETH.<\/p>\n

Bridge l\u00e0 c\u00f4ng c\u1ee5 blockchain cho ph\u00e9p chuy\u1ec3n t\u00e0i s\u1ea3n gi\u1eefa c\u00e1c m\u1ea1ng kh\u00e1c nhau.<\/p>\n

Ban \u0111\u1ea7u, Aave cho bi\u1ebft qu\u1ef9 d\u1ef1 ph\u00f2ng Umbrella s\u1ebd b\u00f9 \u0111\u1eafp b\u1ea5t k\u1ef3 kho\u1ea3n thi\u1ebfu h\u1ee5t n\u00e0o. Tuy nhi\u00ean, \u0111\u1ebfn chi\u1ec1u th\u1ee9 B\u1ea3y, th\u00f4ng \u0111i\u1ec7p \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111i\u1ec1u ch\u1ec9nh th\u00e0nh \u201c\u0111ang xem x\u00e9t c\u00e1c ph\u01b0\u01a1ng \u00e1n \u0111\u1ec3 b\u00f9 \u0111\u1eafp th\u00e2m h\u1ee5t\u201d.<\/p>\n

M\u1ee9c \u0111\u1ed9 thi\u1ec7t h\u1ea1i t\u1eadp trung ch\u1ee7 y\u1ebfu do c\u1ea5u tr\u00fac danh m\u1ee5c vay. D\u00f9 Aave ho\u1ea1t \u0111\u1ed9ng tr\u00ean 22 chain, ri\u00eang Ethereum \u0111\u00e3 chi\u1ebfm 14,24 t\u1ef7 USD trong t\u1ed5ng 17,82 t\u1ef7 USD d\u01b0 n\u1ee3. WETH chi\u1ebfm 39,49% t\u1ed5ng kho\u1ea3n vay, khi\u1ebfn cu\u1ed9c t\u1ea5n c\u00f4ng \u0111\u00e1nh tr\u00fang \u0111\u00fang c\u1eb7p collateral\u2013WETH ch\u1ee7 \u0111\u1ea1o c\u1ee7a giao th\u1ee9c.<\/p>\n

Nh\u00e0 s\u00e1ng l\u1eadp Aave, Stani Kulechov, kh\u1eb3ng \u0111\u1ecbnh \u0111\u00e2y l\u00e0 s\u1ef1 c\u1ed1 t\u1eeb b\u00ean ngo\u00e0i v\u00e0 smart contract c\u1ee7a Aave kh\u00f4ng b\u1ecb x\u00e2m ph\u1ea1m. Tuy nhi\u00ean, vi\u1ec7c ch\u1ea5p nh\u1eadn liquid restaking token l\u00e0m t\u00e0i s\u1ea3n th\u1ebf ch\u1ea5p \u0111\u1ed3ng ngh\u0129a v\u1edbi vi\u1ec7c r\u1ee7i ro t\u1eeb b\u00ean th\u1ee9 ba (bridge) c\u00f3 th\u1ec3 lan sang giao th\u1ee9c \u2014 v\u00e0 khi t\u00e0i s\u1ea3n backing bi\u1ebfn m\u1ea5t, ng\u01b0\u1eddi g\u1eedi ti\u1ec1n v\u1eabn ch\u1ecbu \u1ea3nh h\u01b0\u1edfng.<\/p>\n

C\u00e1c liquid restaking token tr\u01b0\u1edbc \u0111\u00f3 \u0111\u01b0\u1ee3c whitelist r\u1ed9ng r\u00e3i tr\u00ean c\u00e1c giao th\u1ee9c lending l\u1edbn v\u00ec mang l\u1ea1i yield v\u00e0 chi\u1ebfm t\u1ef7 tr\u1ecdng ng\u00e0y c\u00e0ng cao trong t\u1ed5ng gi\u00e1 tr\u1ecb kh\u00f3a c\u1ee7a Ethereum.<\/p>\n

M\u00f4 h\u00ecnh qu\u1ea3n tr\u1ecb r\u1ee7i ro (risk model) \u0111\u00e3 \u0111\u1ecbnh gi\u00e1 c\u00e1c token n\u00e0y v\u1edbi gi\u1ea3 \u0111\u1ecbnh gi\u1eef \u0111\u01b0\u1ee3c peg trong \u0111i\u1ec1u ki\u1ec7n b\u00ecnh th\u01b0\u1eddng. Tuy nhi\u00ean, g\u1ea7n nh\u01b0 kh\u00f4ng c\u00f3 k\u1ecbch b\u1ea3n n\u00e0o t\u00ednh \u0111\u1ebfn vi\u1ec7c collateral c\u00f3 th\u1ec3 v\u1ec1 0 do bridge tr\u00ean m\u1ed9t chain kh\u00e1c b\u1ecb hack v\u00e0o cu\u1ed1i tu\u1ea7n.<\/p>\n

Trader Altcoin Sherpa nh\u1eadn \u0111\u1ecbnh tr\u00ean X: \u201cAAVE l\u00e0 x\u01b0\u01a1ng s\u1ed1ng c\u1ee7a DeFi, v\u1edbi h\u00e0ng t\u1ef7 USD trong \u0111\u00f3, v\u00e0 g\u1ea7n nh\u01b0 m\u1ecdi h\u1ea1 t\u1ea7ng DeFi m\u1edbi \u0111\u1ec1u fork t\u1eeb n\u00f3. Khi AAVE c\u00f3 r\u1ee7i ro l\u00e2y lan, \u0111i\u1ec1u \u0111\u00f3 cho th\u1ea5y s\u1ef1 mong manh c\u1ee7a to\u00e0n h\u1ec7 th\u1ed1ng.\u201d<\/p>\n

Hi\u1ec7n t\u1ea1i, gi\u00e1 token \u0111ang ph\u1ea3n \u00e1nh c\u00e2u h\u1ecfi l\u1edbn: li\u1ec7u qu\u1ef9 Umbrella c\u00f3 \u0111\u1ee7 \u0111\u1ec3 b\u00f9 \u0111\u1eafp kho\u1ea3n th\u00e2m h\u1ee5t hay kh\u00f4ng, v\u00e0 li\u1ec7u nh\u1eefng ng\u01b0\u1eddi n\u1eafm gi\u1eef stkAAVE \u2014 nh\u1eefng ng\u01b0\u1eddi \u0111\u1ee9ng sau qu\u1ef9 n\u00e0y \u2014 c\u00f3 ph\u1ea3i g\u00e1nh ch\u1ecbu t\u1ed5n th\u1ea5t.<\/p>\n<\/div>\n

\n
\"Hacker\"<\/figure>\n

S\u1ef1 c\u1ed1 r\u00f2 r\u1ec9 \u0111\u01b0\u1ee3c cho l\u00e0 li\u00ean quan \u0111\u1ebfn m\u1ed9t c\u00f4ng c\u1ee5 AI b\u1ecb x\u00e2m ph\u1ea1m, c\u00f3 th\u1ec3 \u0111\u00e3 l\u00e0m l\u1ed9 c\u00e1c th\u00f4ng tin x\u00e1c th\u1ef1c (credentials) \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng b\u1edfi c\u00e1c frontend c\u1ee7a \u1ee9ng d\u1ee5ng \u2014 l\u1edbp giao di\u1ec7n ng\u01b0\u1eddi d\u00f9ng k\u1ebft n\u1ed1i v\u00ed web3 v\u00e0 c\u00e1c n\u1ec1n t\u1ea3ng trading v\u1edbi h\u1ec7 th\u1ed1ng backend.<\/p>\n

Nh\u1eefng \u0111i\u1ec3m c\u1ea7n bi\u1ebft:<\/strong><\/p>\n