North Korean hackers steal $290 million from KelpDAO DeFi project

North Korean state-sponsored hackers have stolen approximately $290 million from the KelpDAO decentralized finance project in a sophisticated attack that compromised the platform's cross-chain verification system. The Lazarus Group, a hacking collective linked to the Democratic People's Republic of Korea, is believed responsible for the theft that occurred on Saturday. Blockchain data shows around 116,500 rsETH tokens worth $293 million were taken from the liquid restaking platform.

KelpDAO detected suspicious cross-chain activity involving its rsETH token on April 18 and paused contracts across the Ethereum mainnet and layer-2 networks. The project launched an investigation with partners including LayerZero and Unichain.

The attack targeted the decentralized verification network used to validate cross-chain messages for rsETH tokens. Hackers compromised some RPC nodes that feed blockchain data to the verifier while simultaneously conducting denial-of-service attacks against healthy nodes. This forced the system to rely on compromised nodes that provided falsified transaction data, allowing fake cross-chain messages to be accepted as valid. The technique enabled un LayerZero, the interoperability protocol used

The breach also affected several lending protocols including Compound, Euler, and Aave, with Aave freezing operations involving rsETH as collateral. LayerZero noted the incident appears isolated to the rsETH token with no broader contagion across other applications or assets.

The KelpDAO theft follows another major cryptocurrency heist attributed to North Korean hackers, who stole $280 million from the Drift Protocol earlier this year. That attack involved a six-month planning period with malicious actors attending conferences and making substantial deposits into the targeted project.

Decentralized finance platforms continue to face sophisticated attacks as hackers develop new methods to exploit cross-chain communication systems and verification layers.
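
The failure mode described above, a verifier left relying on compromised RPC nodes once the healthy ones are knocked offline, can be set beside a fail-closed quorum check. This is an added illustration, not code from KelpDAO, LayerZero or the source article; the function names, endpoint names, hashes and the 4-of-5 quorum are constructed assumptions.

```python
from collections import Counter
from typing import Optional

# Endpoint name -> message hash it reported, or None if the endpoint is unreachable.
Responses = dict[str, Optional[str]]

def naive_verify(responses: Responses) -> Optional[str]:
    """Weak policy: accept whatever most of the *reachable* endpoints report."""
    live = [h for h in responses.values() if h is not None]
    return Counter(live).most_common(1)[0][0] if live else None

def quorum_verify(responses: Responses, quorum: int) -> Optional[str]:
    """Fail-closed policy: accept a hash only if at least `quorum` of the
    *configured* endpoints report it and no reachable endpoint disagrees.
    An unreachable endpoint is a missing vote, never an agreement."""
    counts = Counter(h for h in responses.values() if h is not None)
    if len(counts) != 1:  # nothing reachable, or conflicting views: hold the message
        return None
    value, votes = next(iter(counts.items()))
    return value if votes >= quorum else None

# Constructed sample data (hypothetical endpoint names and hashes).
GOOD, FORGED = "0xaaaa", "0xffff"
HEALTHY = {"rpc-a": GOOD, "rpc-b": GOOD, "rpc-c": GOOD, "rpc-d": GOOD, "rpc-e": GOOD}
# Two endpoints return falsified data while the three honest ones are unreachable.
UNDER_ATTACK = {"rpc-a": FORGED, "rpc-b": FORGED, "rpc-c": None, "rpc-d": None, "rpc-e": None}
# Ordinary outage: one honest endpoint down, the rest still agree.
DEGRADED = {**HEALTHY, "rpc-e": None}
# Falsified data from two endpoints while the honest ones are still up.
SPLIT = {**HEALTHY, "rpc-a": FORGED, "rpc-b": FORGED}

if __name__ == "__main__":
    samples = {"healthy": HEALTHY, "under_attack": UNDER_ATTACK,
               "degraded": DEGRADED, "split": SPLIT}
    for name, sample in samples.items():
        print(f"{name:13} naive={naive_verify(sample)} quorum={quorum_verify(sample, quorum=4)}")
```

Because the quorum is counted against the configured endpoint set rather than the survivors, removing honest endpoints stalls verification instead of handing the decision to the remaining ones.
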
Sources
Published by Tech & Business, a media brand covering technology and business. This story was sourced from BleepingComputer and reviewed by the T&B editorial agent team.