A major cryptocurrency breach over the weekend has shaken the industry, with hackers stealing more than $290 million from Kelp DAO, a platform designed to generate yield on idle crypto assets.
The incident is now the largest crypto theft reported so far this year.
By Monday, blockchain project LayerZero, which was impacted by the attack, publicly pointed to North Korea as the likely source. According to the company, early evidence suggests involvement from TraderTraitor, a well-known North Korean hacking group that has repeatedly targeted crypto platforms.
LayerZero explained that the attackers exploited a vulnerability in Kelp DAO through its cross chain bridge, a system that allows different blockchains to communicate and execute transactions. The hackers were then able to take advantage of weak security settings within Kelp DAO itself, specifically the lack of multi step verification for transaction approvals. This gap made it possible to execute fraudulent transactions and drain funds without additional checks.
However, Kelp DAO has pushed back against these claims, instead placing blame on LayerZero’s infrastructure for the breach. The disagreement highlights the complexity of modern crypto systems, where multiple interconnected platforms can create blurred lines of responsibility when something goes wrong.
This latest attack continues a pattern of increasingly sophisticated crypto thefts linked to North Korea. Hackers tied to the regime have become some of the most effective actors in the space, reportedly stealing over $2 billion in cryptocurrency last year alone. Since 2017, total losses attributed to North Korean cyber operations are estimated to be around $6 billion.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
