DeFi Domino Effect and Anthropic's AI Advances

April saw significant security breaches in the DeFi sector, with major attacks impacting liquidity and market stability, alongside notable developments in AI and mining.

This month’s digest discusses security in the DeFi sector, summarizes key developments in AI, and highlights the best long-reads from April.

Topic of the Month

DeFi Domino Effect

In April, the DeFi sector faced several significant attacks, the repercussions of which extended beyond individual projects. The events of the month revealed that security issues have not only persisted but have also expanded beyond mere code vulnerabilities.

Now, even seemingly localized incidents can affect interconnected market participants, impact liquidity, and raise questions about the stability of entire segments.

The first major incident of the month was the hack of the DeFi platform Drift Protocol on Solana. Losses of $285 million made it one of the largest attacks in the industry’s history. In the aftermath, the project's market cap plummeted from $41 million to $25 million, leading users to doubt Drift's ability to recover.

However, the key event was another attack: on April 17, the Kelp liquidity re-staking protocol was compromised. Hackers siphoned approximately $293 million from the Kelp DAO cross-chain bridge built on LayerZero, subsequently depositing the funds into Aave v3 as collateral to obtain wETH.

Although Aave itself was not directly attacked, it became one of the main victims. As of April 22, users withdrew assets worth $15.1 billion from the protocol. From April 18 to 22, the total deposits in Aave fell from $48.5 billion to $30.7 billion.

The L2 network Arbitrum also faced additional pressure. As part of "emergency measures," the security council froze 30,766 ETH (~$71.2 million at the time) stolen from Kelp. These actions drew criticism from parts of the community and raised questions about the project's actual level of decentralization.

The sector's troubles did not end there: on April 22, the Volo liquidity staking protocol on the Sui blockchain was attacked. The hackers managed to withdraw about $3.5 million from the project's pools, while developers were able to freeze the remaining vulnerable smart contracts.

The events of April demonstrated that individual hacks are indicative of a broader spectrum of risks. Several analytical services linked the Drift attack to North Korea's Lazarus Group. Particularly concerning was the statement from MetaMask developer Taylor Monahan, indicating that IT specialists from North Korea have been infiltrating DeFi companies for at least seven years, including SushiSwap, Thorchain, Fantom, Shib, Yearn, and Floki.

Another vulnerability relates to the surrounding infrastructure and human factors. Cybersecurity expert Mauro Eldrich suggested that the Lazarus Group might use ordinary work calls to gain access to systems. There have been instances where hackers seized domains of DeFi projects, replacing websites with fake messages from Cloudflare requesting users to input commands for access.

Setting aside the threat's connection to a specific country, it is clear that the sector faces systemic risks that it cannot fully manage. These risks are already spreading throughout the ecosystem, affecting even those projects that are not directly attacked.

In such conditions, ensuring security becomes a continuous process that encompasses the entire stack. The sooner DeFi project teams realize this, the better their chances of mitigating the overall impact on the sector.

Key Highlights: Numbers, Charts, News

Dynamics of Major Assets

ForkLog analyzed the dynamics of major assets, the DeFi sector, and ETFs. From April 1 to 30, the cryptocurrency market capitalization rose from $2.38 trillion to $2.61 trillion, according to CoinGecko.

Last month, the price of the first cryptocurrency on Binance briefly surpassed $79,000. As of April 30, digital gold is trading above $75,900.

Since the beginning of April, the second-largest cryptocurrency has shown growth. In mid-April, Ethereum prices reached $2,466 (on Binance) but could not maintain that level. By the end of the month, the asset is trading around $2,250.

As of April 30, Bitcoin's market share was 58%, while Ethereum's was 10.4%. The cryptocurrency fear and greed index indicates negative market sentiment.

DeFi

The total value locked in DeFi protocols plummeted from $94.3 billion to $82.6 billion. In the Ethereum ecosystem, the figure dropped from $53.7 billion to $44.5 billion.

In the protocol rankings, Lido tops the list with $20.65 billion. Following it is Aave at $13.96 billion, and in third place is EigenCloud at $8.56 billion.

ETF

In April, the net inflow into Bitcoin ETFs reached $1.95 billion, with total inflows since the approval of these products amounting to $58.07 billion. The total assets under management of these funds stand at $99.27 billion.

BlackRock's IBIT accounts for $61.11 billion, followed by Fidelity's FBTC at $13.99 billion and Grayscale's GBTC at $11.39 billion.

Inflows into Ethereum ETFs totaled $379.63 million. Since their launch, these instruments have accumulated $11.94 billion. The total net asset value is $13.1 billion.

The leading funds by raised capital are BlackRock's ETHA at $7.02 billion and Grayscale's ETH at $2.02 billion.

Mining

Mining difficulty increased by 3.87% at the beginning of the month but was adjusted down by 2.43% on April 17. At the time of writing, forecasts suggest further declines.

The hash rate (seven-day moving average) exhibited significant volatility throughout the month. At its peak, it exceeded 1000 EH/s, while local lows dipped to around 930 EH/s.

Thanks to the recovery in Bitcoin prices, the hash price rose to around $36 per PH/s per day by the end of April. This increase somewhat alleviated the pressure on miners' economics, who had to sell a record 32,000 BTC in the first quarter, surpassing the total sold throughout 2025.

Bitdeer emerged as a leader among public companies in terms of total hash rate under management. Over the year, the firm increased its capacity by 504% to 69.5 EH/s, surpassing MARA and CleanSpark.

Bitdeer's "surge" is attributed to a large-scale deployment of in-house manufactured units, which now account for over 85% of its fleet.

In April, the company launched sales of its fourth-generation Bitcoin miners. The flagship model, SEALMINER A4, boasts an energy efficiency of 9.45 J/TH. Similar specifications are offered by only a few models of Antminer S23 from Bitmain. The announced third-generation Teraflux line from Auradine, with efficiency up to 9.8 J/TH, has yet to hit the market.

Major News

The identity of Satoshi Nakamoto continues to intrigue the crypto community. In April, this topic resurfaced as one of the most discussed, fueled by two "revelations."

At the beginning of the month, Pulitzer Prize-winning journalist John Carreyrou from the NYT speculated that Bitcoin was created by British cryptographer Adam Back. Over 18 months, the journalist analyzed hundreds of court records and emails, thousands of posts from cypherpunks, and found writing style similarities pointing to Back. However, he denied the claims, calling the similarities a "combination of coincidences and recurring phrases among people with similar experiences and interests."

Another theory was put forth by the creators of the documentary Finding Satoshi. Directors Tucker Tully and Matthew Mile conducted a four-year investigation led by American business writer William D. Cohen and private investigator Tyler Maroni. They compared Satoshi's online behavior patterns with the activities of known early crypto figures and concluded that Hal Finney and Len Sassaman fit the profile most closely.

The industry's reaction to the film's conclusions was muted. A community member using the pseudonym Cam noted that Sassaman did not know C++ and had never worked on a Windows computer, and was also a critic of Bitcoin. Back agreed with this assessment.

While the global community debated the journalists' and documentarians' findings, Russian cryptocurrency users were trying to determine whether the introduction of criminal liability would help transition the market into a legal framework.

Other notable events in April:

The password "123456" exposed a network of IT workers from North Korea in the crypto industry.
The loss of the largest Ethereum holder exceeded $3.8 billion.
Tether launched a "people's" Bitcoin wallet.
Journalists discovered a new Bitcoin extortion scheme for passage through the Strait of Hormuz.

Long Reads of the Month

Capitulation or Evolution: Why Miners Are Betting on Artificial Intelligence

Artificial intelligence is capturing larger segments of the market, transforming the global economy. Mining is no exception. We explore the scale of changes awaiting Bitcoin miners and how the AI revolution will impact the future of the first cryptocurrency amid instability.

The Zero-Day Vulnerability Market: Discover, Sell, and Stay Silent

Not long ago, it was believed that cyber weapons were only in the hands of certain intelligence agencies using them to surveil suspects of serious crimes. However, by 2026, a whole industry has formed around trading such tools. We explain how this market operates, who its clients and beneficiaries are.

There Is No Iran

In 1991, French sociologist and philosopher Jean Baudrillard made a provocative statement regarding the international coalition's operation against Saddam Hussein's regime, claiming, "There was no war in the Persian Gulf." We explain what he meant and why his observations remain relevant 35 years later, as the world's attention returns to the Middle East.

Also:

The End of the Monopoly on Intelligence: How Algorithms Are Displacing the Cognitive Elite.
How "Ethereum Killers" Were Killed: From Global Ambitions to Meme Coin Casinos.
Freedom Instead of Decentralization: A Dilemma of Internet Democracy.
"Good" or "Nothing"? How DAOs Are Faring in 2026.

Artificial Intelligence

Powerful Anthropic

In April, the startup Anthropic made headlines with its new AI model, Mythos. It proved so powerful in the security domain that the company decided against releasing it to the public due to high risks. Even the NSA utilizes the neural network despite a conflict with the authorities.

Instead of a public release, Anthropic launched Project Glasswing — an initiative involving AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks to test the tool in secure conditions.

The company also confirmed a leak of part of the source code for its AI programming tool, Claude Code. In an attempt to rectify the situation, it mistakenly deleted thousands of repositories on GitHub.

Among other interesting events in April:

Anthropic released an environment for launching complex and prolonged agent tasks — Claude Managed Agents.
Google invested up to $40 billion in Anthropic, deepening its partnership with the AI startup.
New Yorker journalists conducted an extensive year-and-a-half investigation into Sam Altman's activities and concluded that he often lied during his tenure as CEO of OpenAI.
Altman outlined five principles for his startup to achieve "universal AI good."
DeepSeek released a preview of its new line of language models. The flagship V4-Pro surpassed Claude Opus 4.6 and GPT-5.4, becoming the best open system.
China forced Meta to terminate its $2 billion acquisition of Manus.

Also, check out our long reads:

Capitulation or Evolution: Why Miners Are Betting on Artificial Intelligence.
The End of the Monopoly on Intelligence: How Algorithms Are Displacing the Cognitive Elite.

Monthly Highlights: DeFi Domino Effect, Powerful Anthropic, and Bitdeer's Surge