Scoundrels and Scams: North Korea’s Lazarus Group Strikes Again!

Pray tell, dear reader, have you heard the latest tale of woe from the realm of DeFi? LayerZero, with a gravity befitting the occasion, has declared North Korea’s Lazarus Group the chief culprit behind the Kelp DAO exploit, a scandal that has seen 116,500 rsETH, valued at a staggering $292 million, vanish into the ether. A sum so grand, one might imagine it funding a thousand balls or a decade’s worth of fine muslin dresses!

  • LayerZero, with a sternness that would make Mrs. Bennet proud, points the finger at Lazarus for the Kelp DAO debacle, which absconded with 116,500 rsETH, a tidy $292 million.
  • The company, in a tone that suggests a lecture from Lady Catherine de Bourgh, blames Kelp DAO’s single-DVN setup, lamenting the absence of a backup verifier to thwart the forged cross-chain message.
  • The exploit, like a gossip spreading through the drawing rooms of London, triggered over $10 billion in Aave outflows and a broader DeFi TVL decline.

LayerZero, with the air of a detective in a novel by Miss Austen’s contemporaries, declares early indicators point to a “highly-sophisticated state actor,” naming “DPRK’s Lazarus Group, more specifically TraderTraitor,” in its latest missive. One can almost hear the gasps of the assembled company at such a revelation!

The attack, which occurred on April 18, swiftly became the most notorious DeFi exploit of the year. LayerZero explains the attacker targeted the system used to verify cross-chain messages, allowing a false message to slip through and unlock tokens on the bridge. A scheme so cunning, it might have been devised by a villain in one of our beloved novels!

The Intrigue of Node Access and Message Forgery

LayerZero reveals the attacker gained access to the list of RPC nodes used by LayerZero Labs’ decentralized verifier network, or DVN. With a slyness that would make Mr. Wickham proud, the attacker then poisoned two of these nodes, causing them to deliver a fake cross-chain message to the verifier network.

Simultaneously, the attacker launched a DDoS attack against the clean nodes, forcing the DVN to rely on the poisoned ones. This clever combination allowed the forged message to pass through the system, triggering the token unlock that led to the loss. A plot so intricate, it might have been penned by Miss Austen herself, though with far less romance and far more financial ruin!

Furthermore, LayerZero notes the damage was compounded by Kelp DAO’s use of a single 1-of-1 DVN setup with no backup verifier. This, they declare, created a single point of failure, leaving no independent check to reject the fake message before the bridge released funds. A lesson in prudence, if ever there was one!
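To make the failure mode plain, here is a small simulation added by the editor (not LayerZero’s or Kelp DAO’s code): verifiers that poll RPC nodes, a bridge that releases funds only when every required verifier attests the same payload, and the situation the article describes, namely poisoned nodes plus the clean ones knocked offline. The node and verifier names, the payloads, the node-quorum rule and the bridge acceptance rule are all constructed simplifications, not the real protocol.

```python
from dataclasses import dataclass

# Constructed sample: one cross-chain message and what the source chain really says.
MSG_ID = "msg-0x01"
HONEST_PAYLOAD = "unlock 1 rsETH to alice"          # constructed value
FORGED_PAYLOAD = "unlock 116500 rsETH to attacker"  # constructed value

@dataclass
class RpcNode:
    name: str
    payload: str         # what this node reports for MSG_ID
    online: bool = True  # False models a node knocked offline by the DDoS

    def query(self, msg_id: str):
        return self.payload if self.online else None

@dataclass
class DVN:  # simplified verifier: attests once enough responsive nodes agree
    name: str
    nodes: list
    min_agreeing: int = 1

    def verify(self, msg_id: str):
        answers = [a for a in (n.query(msg_id) for n in self.nodes) if a is not None]
        for candidate in set(answers):
            if answers.count(candidate) >= self.min_agreeing:
                return candidate
        return None  # no quorum of responsive nodes

def bridge_accepts(required_dvns, msg_id, claimed_payload):
    """Simplified bridge rule: release funds only if EVERY required DVN attests the claim."""
    return all(d.verify(msg_id) == claimed_payload for d in required_dvns)

# The DVN whose RPC node list leaked: two nodes poisoned, the clean ones DDoSed offline.
leaked_dvn = DVN("labs", [
    RpcNode("clean-1", HONEST_PAYLOAD, online=False),
    RpcNode("clean-2", HONEST_PAYLOAD, online=False),
    RpcNode("poisoned-1", FORGED_PAYLOAD),
    RpcNode("poisoned-2", FORGED_PAYLOAD),
], min_agreeing=2)

# A second, independently operated DVN with its own (unleaked, unpoisoned) RPC providers.
independent_dvn = DVN("independent", [
    RpcNode("other-1", HONEST_PAYLOAD),
    RpcNode("other-2", HONEST_PAYLOAD),
], min_agreeing=2)

def single_dvn_accepts_forgery():
    return bridge_accepts([leaked_dvn], MSG_ID, FORGED_PAYLOAD)  # True: 1-of-1 has no cross-check
def two_dvn_accepts_forgery():
    return bridge_accepts([leaked_dvn, independent_dvn], MSG_ID, FORGED_PAYLOAD)  # False
```

Note that a node-level quorum inside the leaked DVN does not help: the two poisoned nodes agree with each other once the clean ones are offline, so only a second verifier with its own node set catches the mismatch.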

In its statement, LayerZero observes, “operating a single-point-of-failure configuration meant there was no independent verifier to catch and reject a forged message.” It adds, with a hint of reproach, “LayerZero and other external parties previously communicated best practices around DVN diversification to KelpDAO.” The company concludes it will no longer sign messages for applications that use a 1/1 DVN setup. A firm stance, indeed, though one wonders if it is too little, too late.

Aave Outflows and DeFi Woes Follow the Exploit

The exploit sent ripples of panic through the DeFi world, as the attacker moved the stolen rsETH to Aave V3 and used it as collateral to borrow large amounts of WETH. This raised concerns over potential bad debt on Aave, prompting the protocol to freeze rsETH markets on both V3 and V4.

Aave founder Stani Kulechov announced, “RsETH has been frozen on Aave V3 and V4,” adding that the asset no longer has borrowing power due to the Kelp DAO bridge exploit. Historical data from Aavescan revealed more than $10 billion fled Aave following the attack, with total supplied funds plummeting to $35.7 billion from $45.8 billion. A financial earthquake, if ever there was one!

The fallout extended beyond Aave, as several DeFi protocols, including Ethena, ether.fi, Tron DAO, and Curve Finance, paused LayerZero OFT bridges as a precaution. A wise move, no doubt, though one wonders if it will be enough to restore confidence.

DefiLlama data showed DeFi total value locked dropped 7% in 24 hours to about $86.3 billion, down from $99.5 billion on April 18. LayerZero assures there is “zero contagion” for other assets or applications using multi-DVN setups, while law enforcement efforts to trace the funds continue. One can only hope justice will be served, though in matters of finance, as in matters of the heart, such outcomes are never certain.

2026-04-20 10:54