DeFi Lending Hacks: Just $3 Lost for Every $10,000 Locked in Past Year

DeFi Lending Hacks Now Cost Users Just $3 for Every $10,000 Locked

Over the last year, lenders using decentralized finance (DeFi) platforms on Ethereum and Solana lost about $3 to hacks and other security breaches for every $10,000 they deposited, a small fraction (0.03%) of the total value locked in these platforms.

The rate at which crypto keys are lost is surprisingly similar to the annual death rate from slip-and-fall accidents in the United States. Alex McFarlane, founder of Keyring Network, calculated this by analyzing data from DefiLlama on May 17th, focusing specifically on lending platforms and excluding losses related to bridge hacks.

Lending Hack Losses Stay Small Against TVL

Recent research shows that losses from lending exploits over the past 12 months totaled $30.9 million, against a total value locked (TVL) of $99.6 billion. This equates to a loss rate of 3.1 basis points gross, or 3 basis points after accounting for recovered funds, as of May 16th.

Over the past year, a lender spreading $10,000 across major lending platforms on Ethereum and Solana could have expected to lose around $3 due to hacks.

This calculation doesn’t account for risks related to bridges, issues with data sources (oracles), or problems unique to individual platforms. It also assumes the initial deposit wasn’t made into a market that experienced an unexpected, extreme event.

According to DefiLlama, a total of $7.75 billion has been lost to hacks in the DeFi space throughout its history. However, if you remove losses specifically from bridge hacks, the total drops to $4.52 billion, highlighting how significantly bridge incidents skew the overall picture of DeFi security.

In April, cryptocurrency hackers stole $606 million, making it the worst month for thefts since a major breach in 2025. The vast majority of these losses – 95% – came from attacks on Kelp DAO and Drift.

According to McFarlane, the most important thing to consider when evaluating the risks of hacks or crimes in the crypto world is how much money is actually lost to exploits compared to the total amount of money being used in the market. He points out that the chance of a significant hack happening is roughly equivalent to the risk of an American dying from a slip and fall. Considering this, he believes that borrowing and lending in DeFi (decentralized finance) are relatively safe, despite common anxieties.


Diversification and Recoveries Reshape the Risk

Most cyberattacks are relatively small, but a few massive breaches cause the vast majority of overall damage. When plotted on a specific type of graph, the size of these attacks follows a predictable pattern similar to a lognormal distribution.

Typically, attacks target a single part of a financial system instead of the whole thing, and bigger systems are better able to handle losses when an attack happens.

This trend suggests it’s better to distribute investments among various DeFi lending platforms instead of keeping them all in a single place.

Recoveries of lost funds also lower the overall loss total. So far, recovered amounts across all DeFi protocols tracked by DefiLlama represent about 8% of the total losses.

Looking at lending on Ethereum Virtual Machine (EVM) and Solana networks (excluding cross-chain bridges), the total value locked reaches around 20%. A notable example is Euler Finance, where the hacker actually returned all the stolen funds following the flash loan attack in 2023.

Design Philosophy Shapes the Next Cycle

Software developers are increasingly focusing on writing simpler code as a way to improve security. Merlin Egalite, a contributor to Morpho, believes that keeping code minimal is what separates secure lending platforms from those that are vulnerable.

Securing lending protocols is particularly challenging in this field. That’s why a simple, streamlined design is so important – every addition to the code creates new potential vulnerabilities. Using immutability – preventing changes to the code after deployment – helps ensure the logic remains consistent and avoids introducing new risks.

— Merlin Egalite 🕛 (@MerlinEgalite) May 17, 2026

The $3 cost per $10,000 of insurance represents past results, not a promise of future performance. The data suggests we shouldn’t panic, but doesn’t rule out the possibility of rare, extreme events.

Most new lending activity is still happening on Aave and Morpho. So far in 2026, there have been several significant security events, like the one involving KelpDAO in April.

Losses now sit within a measurable range that lenders, insurers, and allocators can actually price.


2026-05-17 23:12