Bitget
Kelp DAO Suffers $292 Million Loss in LayerZero Exploit Linked to Lazarus Group
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Kelp DAO experienced a significant security breach on April 16, 2026, resulting in the loss of $292 million due to an exploit in the LayerZero ecosystem. Attackers, believed to be associated with North Korea's Lazarus Group, targeted a vulnerability in LayerZero's infrastructure, specifically exploiting a single-validator setup. The hackers withdrew 116,500 rsETH by compromising two RPC servers in the LayerZero Labs validator network and executing a DDoS attack to redirect operations to fake nodes. Following the incident, Kelp DAO announced its transition from LayerZero to Chainlink's cross-chain infrastructure to enhance security. LayerZero's bug bounty program does not cover application-side misconfigurations, raising questions about its security practices. Nearly 47% of LayerZero applications were found to use the same vulnerable 1-of-1 validator configuration, putting $4.5 billion in assets at risk. The incident has prompted a broader examination of security standards in decentralized finance (DeFi).
Key Points: • Kelp DAO lost $292 million in an exploit linked to North Korea's Lazarus Group. • The attack exploited a single-validator configuration in LayerZero's infrastructure. • Kelp DAO is migrating to Chainlink's cross-chain infrastructure for improved security.