North Korean state-sponsored hackers from the Lazarus Group (TraderTraitor) are believed responsible for a $290 million theft from KelpDAO, a DeFi liquid restaking project on Ethereum. Attackers targeted the DVN verification layer used to validate cross-chain messages for the rsETH token, compromising RPC nodes to feed falsified blockchain data while DDoS-ing healthy nodes. This forced the system to rely on poisoned nodes, allowing a fake cross-chain message to be accepted as valid and enabling unauthorized movement of ~116,500 rsETH. The stolen funds were routed through Tornado Cash to obscure the trail. Lending protocols Compound, Euler, and Aave were also impacted, with Aave freezing rsETH as collateral. This follows another Lazarus-linked $280 million theft from Drift Protocol.
Table of contents
Related Articles:Sort: