Kelp DAO Exploit Linked to North Korean Lazarus Group Results in $292 Million Loss
Here's what it means for you.
If you engage with decentralized finance (DeFi), this incident underscores the importance of robust security practices in cross-chain protocols.
Why it matters
This exploit highlights vulnerabilities in DeFi infrastructure, potentially shaking user confidence and impacting market stability.
What happened (in 30 seconds)
- On April 18, 2026, Kelp DAO experienced a $292 million exploit attributed to North Korea's Lazarus Group.
- Attackers compromised LayerZero's RPC nodes, deploying malicious software to manipulate transaction data and execute DDoS attacks.
- Kelp DAO paused operations shortly after the exploit, initiating fund tracing and infrastructure restoration.
The context you actually need
- Kelp DAO is a liquid restaking protocol that issues rsETH, a yield-bearing token, and relies on LayerZero's omnichain protocol for cross-chain transfers.
- LayerZero's Decentralized Verifier Networks (DVNs) are designed to enhance security, but Kelp DAO opted for a single-verifier setup, contrary to best practices.
- The Lazarus Group, a North Korean state-sponsored entity, has been linked to multiple DeFi exploits in 2026, using these funds to support regime activities amid
Frequently Asked Questions
- Why it matters?
- This exploit highlights vulnerabilities in DeFi infrastructure, potentially shaking user confidence and impacting market stability.
- What happened (in 30 seconds)?
- On April 18, 2026, Kelp DAO experienced a $292 million exploit attributed to North Korea's Lazarus Group. Attackers compromised LayerZero's RPC nodes, deploying malicious software to manipulate transaction data and execute DDoS attacks. Kelp DAO paused operations shortly after the exploit, initiating fund tracing and infrastructure restoration.
Real-time updates, analysis, and reports on the blockchain and cryptocurrency sectors.
"Crypto News delivers real-time updates, analysis, and reports on the blockchain and cryptocurrency sectors."
— A47 Editor
Kelp DAO blames LayerZero defaults for $290m rsETH bridge disaster
Kelp DAO has attributed a significant security breach, resulting in a loss of approximately $290 million from its rsETH bridge, to LayerZero's default single-validator setup. This incident has sparked a blame game between Kelp DAO and LayerZero, with...
Covers blockchain, cryptocurrency news, project analysis, and market insights.
"CoinDesk is a well-established cryptocurrency and blockchain news provider, offering comprehensive insights, market data, and industry research."
— A47 Editor
Kelp DAO claims LayerZero’s 'default' settings are what actually caused the massive $290 million disaster
Kelp DAO has claimed that the recent $290 million exploit of its liquid restaking protocol was caused by LayerZero's default settings, which allowed a compromised verifier to drain funds. The incident has raised significant concerns about the securit...
Research, news, and analysis on blockchain startups, DeFi, and regulations.
"Crypto Briefing provides research, news, and analysis on blockchain startups, DeFi, and crypto regulations with investor-focused coverage."
— A47 Editor
LayerZero says North Korean Lazarus Group behind $292M Kelp DAO attack
LayerZero has reported that the North Korean Lazarus Group is behind the recent $292 million exploit of Kelp DAO, which involved a breach of its LayerZero-powered bridge. This incident has raised significant concerns regarding the security vulnerabil...
Covers blockchain, cryptocurrency news, project analysis, and market insights.
"Cointelegraph is a leading crypto-focused media outlet known for timely news, analysis, and educational content related to blockchain and digital assets."
— A47 Editor
LayerZero says Kelp setup enabled exploit, as Aave loss questions mount
LayerZero has reported that the recent $290 million exploit of KelpDAO was facilitated by a setup that did not adhere to multi-verifier recommendations, allowing attackers to compromise the system. This incident has raised significant concerns regard...
Curated tech headlines including AI stories.
"Influential aggregator surfacing the day’s top tech/AI links."
— A47 Editor
LayerZero says North Korea's Lazarus is likely behind the $292M Kelp DAO exploit on April 18, which triggered $10B in outflows from Aave over bad debt concerns (Danny Park/The Block)
LayerZero has identified North Korea's Lazarus group as the likely perpetrator behind the $292 million exploit of Kelp DAO's LayerZero-powered cross-chain bridge, which occurred on April 18. This incident led to Kelp pausing all rsETH contracts after...
Covers blockchain, cryptocurrency news, project analysis, and market insights.
"CoinDesk is a well-established cryptocurrency and blockchain news provider, offering comprehensive insights, market data, and industry research."
— A47 Editor
LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus
LayerZero has attributed a recent $290 million exploit of the Kelp restaking platform to a setup that ignored multi-verifier recommendations, allowing attackers to compromise two RPC nodes and DDoS the rest. The incident has been linked to North Kore...
Research, news, and analysis on blockchain startups, DeFi, and regulations.
"Crypto Briefing provides research, news, and analysis on blockchain startups, DeFi, and crypto regulations with investor-focused coverage."
— A47 Editor
AAVE TVL plummets $6B after Kelp DAO hack exploits LayerZero bridge flaw
AAVE's total value locked (TVL) has plummeted by $6 billion following a significant hack of Kelp DAO, which exploited a flaw in the LayerZero bridge. The breach has raised alarms about the security vulnerabilities inherent in decentralized finance (D...
Research, news, and analysis on blockchain startups, DeFi, and regulations.
"Crypto Briefing provides research, news, and analysis on blockchain startups, DeFi, and crypto regulations with investor-focused coverage."
— A47 Editor
Kelp DAO hit by $292M bridge hack draining rsETH reserves, Aave freezes affected markets
Kelp DAO has suffered a significant security breach, with approximately $292 million drained from its reserves due to a hack targeting its LayerZero-powered bridge. This incident has led to the freezing of affected markets by Aave, which is closely l...
Research, news, and analysis on blockchain startups, DeFi, and regulations.
"Crypto Briefing provides research, news, and analysis on blockchain startups, DeFi, and crypto regulations with investor-focused coverage."
— A47 Editor
$280M KelpDAO exploit via LayerZero bridge shakes DeFi markets
A significant exploit involving KelpDAO's LayerZero-powered bridge has resulted in the loss of approximately $280 million, raising alarms about security vulnerabilities within decentralized finance (DeFi) markets. This incident has triggered emergenc...
Research, news, and analysis on blockchain startups, DeFi, and regulations.
"Crypto Briefing provides research, news, and analysis on blockchain startups, DeFi, and crypto regulations with investor-focused coverage."
— A47 Editor
Kelp DAO’s rsETH token potentially exploited, $100M at risk
Kelp DAO's rsETH token is reportedly at risk of exploitation, with estimates suggesting that up to $100 million could be compromised. This potential breach raises concerns about the security of decentralized finance (DeFi) platforms and their tokens,...