This post was originally published on Cointelgraph
Kelp DAO suffered a $292 million hack on Saturday, overtaking Drift as the largest crypto exploit of the year so far. North Korea-linked hackers are suspected to be behind the attack.
Kelp DAO said Monday that the exploit stemmed from a failure of cross-chain messaging protocol LayerZero’s infrastructure. LayerZero said the breach was enabled by Kelp DAO’s use of a single verifier configuration to approve cross-chain messages.
LayerZero said that “preliminary indicators” attributed the exploit to TraderTraitor, a subgroup of North Korea’s state-backed hacking unit known as Lazarus Group.
Blockchain investigator Tanuki42’s findings also found ties to TraderTraitor. Tanuki42 said Tuesday that funds stolen from the Kelp DAO incident have commingled with previous exploits linked to the same group.
While North Korea’s cyber activity targeting decentralized finance platforms has accelerated in April, its tactics also pose a threat to companies and end users.
Funds from the Kelp DAO exploit have commingled with wallets linked to the $1.4 billion Bybit hack in February 2025. Source: Tanuki42North Korea’s crypto schemes back in focus
The April Fools’ Day exploit on decentralized exchange Drift totaled $285 million, bringing suspected North Korea-linked crypto theft to at least $578 million across major incidents throughout the month.
The two attacks are the largest
— Read the rest of this post, which was originally published on Cointelgraph.
