The DeFi sector faced a significant setback recently when two platforms, Loopscale and Term Finance, were exploited, resulting in losses exceeding $7 million. These incidents have raised concerns about the security vulnerabilities of DeFi platforms in 2025.

Loopscale disclosed a breach on April 26 that led to the loss of approximately $5.8 million from its USDC and SOL vaults. The exploit was due to under-collateralized loans facilitated by a flaw in the RateX-based collateral pricing system, affecting depositors in the SOL and USDC Genesis vaults. Following the breach, Loopscale paused its markets temporarily to evaluate the impact and has now resumed some functions while restricting vault withdrawals.

In an effort to recover the stolen funds, Loopscale offered a 10% reward to the attacker and proposed a whitehat agreement, urging the return of 90% of the assets by a specified deadline. The platform is collaborating with security firms and law enforcement to address the situation.

Term Finance, an Ethereum-based platform specializing in fixed-rate lending, also suffered a security incident on the same day. A faulty update to its tETH oracle led to losses of around $1.5 million in liquidations, but the issue was contained within the tETH markets, with no exploitation of smart contracts. The platform assured users of the security of other funds and committed to fully reimbursing those affected by the incident.

These events are part of a concerning pattern in 2025, with cryptocurrency projects experiencing losses approaching $2 billion this year. High-profile breaches, such as Bybit's $1.46 billion hack in February, have shaken confidence in the industry. Tim Haldorsson, founder of Lunar Strategy, questioned the risk-return ratio of DeFi investments, suggesting that when factoring in hack-related losses, traditional investments like bonds may offer a more secure alternative to chasing high yields in the DeFi space.