BroadChain, April 24, 09:30 - JPMorgan analysts noted in their latest report that persistent security vulnerabilities and stagnant total value locked (TVL) growth in the DeFi sector continue to dampen institutional investor participation. Recently, the Kelp DAO cross-chain bridge suffered a major attack, where attackers minted unbacked rsETH tokens worth $292 million and borrowed real ETH on Aave, resulting in approximately $230 million in bad debt. LayerZero and blockchain security agencies attributed the attack to the North Korean hacker group Lazarus Group, with some stolen funds frozen and the rest still in circulation.
Analysts also observed that DeFi TVL denominated in ETH has been range-bound for an extended period, raising concerns about whether DeFi can achieve organic growth sufficient to support institutional adoption. Additionally, after each security incident, users tend to move funds to USDT as a safe-haven asset, but this trend has not yet significantly driven growth in USDT market capitalization.