Bitget
Kelp DAO and Aave Resume Operations After $292 Million Exploit
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On April 18, 2026, Kelp DAO suffered a significant cyberattack attributed to North Korea's Lazarus Group, resulting in the theft of approximately 116,500 rsETH tokens worth $292 million. The attackers exploited a vulnerability in the LayerZero bridge, using a fake message to release unbacked tokens. Following the incident, Kelp DAO and Aave initiated a recovery plan, which included burning the exploiter's tokens and refilling the bridge lockbox. As of May 13, 2026, Aave transferred the first tranche of 25,000 rsETH to the LayerZero OFT adapter, allowing for the resumption of withdrawals and deposits. Enhanced security measures have been implemented, including requiring four independent validators for transaction verification. The total value locked in Kelp has decreased from $2 billion to $1.55 billion since the attack. The recovery process is ongoing, with further tranches expected to be transferred over the next two weeks.
Key Points: • Kelp DAO lost approximately $292 million in a cyberattack linked to North Korea's Lazarus Group. • Aave has resumed operations for rsETH, transferring the first tranche to restore bridging functionality. • Enhanced security measures now require four validators for transaction verification to prevent future exploits.