$92M Vanishes from DeFi Vaults in April—Another ’Code Is Law’ Wake-Up Call
Hackers siphoned nearly nine figures from decentralized finance protocols last month, exploiting smart contract vulnerabilities while crypto VCs were busy shilling their next bag.
Cross-chain bridges and yield optimizers took the brunt of the damage—same as every other ’DeFi security incident’ press release since 2021.
The irony? These heists keep happening in an industry that claims to ’bank the unbanked’ while failing to secure its own digital vaults. Maybe next time, try auditing before aping.
$92M Stolen in April DeFi Hacks | Source: x.com/immunefi
Immunefi’s report, published on April 30, said that all the April attacks targeted DeFi protocols. No centralized crypto exchanges were affected during the month.
The security firm works to protect $190 billion worth of user assets and has paid over $116 million in bug bounties to ethical hackers who report bugs before they are exploited.
Immunefi CEO Mitchell Amador warned that threats are growing. “The sheer scale of the attack shows how state-backed actors are arguably the most pressing threat to our industry,” Amador said in a statement. He said security teams need to protect every part of their systems and assume attackers will find a way in.
He added that even trusted-looking apps or emails could be traps. “Protocols must be built for resilience,” Amador said, calling for stronger defenses and a “zero-trust” mindset across all platforms.
The report also noted that April’s thefts pushed 2025’s total losses past $1.7 billion. That number has already passed the estimated $1.49 billion lost in all of 2024. The firm highlighted that despite efforts to boost cybersecurity, attacks are not slowing down. The report followed news of the record-breaking $1.5 billion hack on Bybit in February.
Also Read: Suspicious BTC Transfer Leads to XMR price Spike of Over 50%
