Kelp DAO bridge exploit tied to Lazarus triggers DeFi losses, legal fight, and migration
Attackers linked with North Korea’s Lazarus Group exploited Kelp DAO’s LayerZero-powered rsETH bridge by compromising off-chain verification infrastructure and abusing a 1-of-1 DVN setup, fraudulently releasing about 116,500 rsETH worth roughly $292 million. The stolen tokens were posted as collateral on Aave to borrow real assets, creating an estimated $124 million to $230 million in bad debt, driving severe liquidity stress, and contributing to a broader DeFi selloff. Kelp DAO and LayerZero publicly disputed responsibility after LayerZero first blamed Kelp’s configuration, then later acknowledged its own mistake in allowing its DVN to operate as the sole verifier for a high-value route; a later forensic report said the intrusion began with social engineering of a LayerZero developer and was attributed with high confidence to DPRK-linked TraderTraitor/UNC4899.
Arbitrum’s Security Council froze about 30,766 ETH—roughly $71 million—linked to the exploit, but the recovery effort became entangled in U.S. litigation after terrorism-judgment creditors sought to seize the assets as alleged North Korean property. A federal judge later allowed an Arbitrum DAO vote to move the frozen ETH to Aave LLC while preserving the restraining notice, leaving ownership unresolved as DeFi United worked to recapitalize rsETH, Kelp burned attacker-held tokens on Arbitrum, and most of the remaining $220 million in unfrozen funds were reportedly laundered through THORChain, Wasabi, Tornado Cash, and Umbra. In the aftermath, Kelp migrated rsETH bridging to Chainlink CCIP, and the incident accelerated broader protocol moves away from minimal LayerZero verifier configurations.

How this story unfolded
22 events from the most recent confirmed update back to the earliest known activity.
LlamaRisk submits Aave-wide risk framework proposals
By 2026-06-09, LlamaRisk had submitted two Aave governance proposals in response to the KelpDAO exploit: a four-layer protocol-wide risk framework for Aave V3, V4, and Aave Horizon, and a proposal to migrate the Pendle PT risk oracle to protocol-owned infrastructure on Chainlink Runtime Environment. The proposals entered the community feedback stage and would advance to Snapshot and on-chain AIPs if consensus is reached.
Analysts say attacker laundered nearly all unfrozen proceeds
By 2026-06-01, on-chain analysts reported that the DPRK-linked attacker had laundered nearly all of the roughly $220 million in unfrozen funds through THORChain, Wasabi, Tornado Cash, and Umbra. The report said only the approximately $71 million frozen by Arbitrum still appeared materially recoverable.
Chainlink says over $4B had migrated to CCIP by May 20
Chainlink stated that more than $4 billion had migrated to CCIP across seven protocols by 2026-05-20, amid a broader migration wave following the Kelp exploit. The article ties the shift in cross-chain infrastructure choices to security concerns raised by the incident.
LayerZero forensic report traces breach to March 6 compromise
On 2026-05-20, LayerZero Labs published a forensic incident report saying the breach began on 2026-03-06 when a developer was socially engineered into cloning a malicious GitHub repository. The report said Mandiant and CrowdStrike attributed the operation with high confidence to UNC4899/TraderTraitor and stated Kelp’s bridge had been downgraded from 2-of-2 to 1-of-1 before the exploit.
Kelp DAO burns attacker-held rsETH and sets reopening plan
On 2026-05-13, Kelp DAO said it burned rsETH held by the attacker and published a recovery plan targeting roughly two weeks to restore liquidity and resume withdrawals. The plan said Aave’s Recovery Guardian multisig would help refill rsETH reserves during the recovery period.
Federal judge allows vote to move frozen ETH to Aave
On 2026-05-11, a federal judge modified the restraining notice so Arbitrum DAO could proceed with an on-chain vote and transfer the frozen 30,766 ETH to Aave LLC. The court said the assets would remain subject to the same freeze after transfer and did not resolve the competing ownership claims.
LayerZero apologizes and admits 1/1 DVN mistake
On 2026-05-09, LayerZero Labs publicly apologized for its handling of the exploit and acknowledged a security mistake in allowing its own DVN to operate as a 1/1 verifier for high-value transactions. The company said its internal RPC nodes were compromised, reversed earlier blame on Kelp’s configuration, and announced changes including ending support for 1/1 setups in its DVN.
Kelp DAO rebuts LayerZero and announces CCIP migration
On 2026-05-05, Kelp DAO published a rebuttal rejecting LayerZero’s claim that Kelp alone caused the exploit through a 1-of-1 DVN choice. Kelp said the compromise originated in LayerZero infrastructure and confirmed it would migrate rsETH bridging from LayerZero OFT to Chainlink CCIP.
Aave seeks emergency court relief from restraining notice
Aave LLC filed an emergency motion in U.S. District Court seeking to vacate the restraining notice that froze about $71 million in recovered ETH tied to the exploit. Aave argued the assets belonged to victims and that the legal action was obstructing the DeFi-led recovery plan.
Attorney serves Arbitrum DAO with restraining notice
On 2026-05-01, attorney Charles Gerstein served Arbitrum DAO with a restraining notice and writs of execution seeking to seize the frozen ETH on behalf of plaintiffs holding terrorism judgments against North Korea. The claim argued that public attribution of the exploit to Lazarus made the assets reachable as DPRK property.
DeFi United publishes technical recovery plan
On 2026-04-28, DeFi United released a technical plan to restore rsETH backing through governance proposals, controlled liquidations, and recapitalization tranches. The coalition said seven attacker-linked addresses still held active rsETH-backed lending positions and disclosed that LayerZero Labs pledged more than 10,000 ETH to the effort.
DeFi United reports partial progress filling rsETH shortfall
On 2026-04-24, DeFi United said 73,700 ETH of the exploit-related deficit had been filled and public commitments totaled 43,500 ETH. The update also cited Kelp’s clawback of 40,300 rsETH and the Arbitrum freeze as major recovery actions.
Aave and partners launch DeFi United recovery coalition
On 2026-04-23, Aave and several crypto firms launched the DeFi United recovery initiative to recapitalize rsETH, reduce bad debt, and stabilize affected lending markets. The coalition proposed ETH- and stETH-based contributions rather than relying solely on clawing back stolen funds.
Aave partially reopens Ethereum Core V3 WETH supply
On 2026-04-21, Aave partially rolled back emergency controls by reopening WETH supply on Ethereum Core V3 while keeping WETH collateralization disabled and other restrictions in place. The move followed the exploit’s liquidity shock and drew criticism over residual risk and looping incentives.
Arbitrum Security Council freezes 30,766 ETH tied to attacker
On 2026-04-20, Arbitrum’s Security Council used emergency powers to freeze about 30,766 ETH, worth roughly $71 million, linked to the Kelp exploit. Reports say the action was taken with law-enforcement coordination and moved the funds into a wallet that requires further governance action to move.
DeFi protocols launch aWETH Redemption Protocol
On 2026-04-20, Fluid and partners including Lido, Ether.fi, 1inch, 0x, and Kyber launched the aWETH Redemption Protocol to help Aave users exit trapped aWETH positions. The emergency mechanism was built in under 24 hours after the exploit-driven freeze in Aave’s WETH market.
Aave publishes incident report estimating bad debt
On 2026-04-20, Aave service providers released an incident report estimating potential bad debt from the Kelp exploit at $123.7 million to $230.1 million. The report said 89,567 stolen rsETH had been deposited across seven attacker-controlled wallets and recommended emergency mitigation steps.
Dune analysis finds widespread 1-of-1 DVN exposure
On 2026-04-20, Dune Analytics published research showing that about 47% of active LayerZero OApps used a minimal 1-of-1 DVN configuration. The analysis explicitly linked this weak model to the Kelp DAO exploit and released open methodology for community review.
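The 1-of-1 exposure measured here, and the 2-of-2 to 1-of-1 downgrade described in the forensic report, can both be checked mechanically from verifier configuration snapshots. The sketch below is an added example, not code from Dune, LayerZero, or Kelp; the record layout and every DVN, operator, and route name in it are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class DvnConfig:
    """Resolved verifier set for one route. Field names are assumptions."""
    route: str
    required: tuple              # DVNs that must all attest
    optional: tuple = ()         # pool of optional DVNs
    optional_threshold: int = 0  # how many of the pool must also attest

def quorum(cfg):
    """Return (k, n): attestations needed and distinct DVNs configured."""
    req, opt = set(cfg.required), set(cfg.optional) - set(cfg.required)
    return len(req) + min(cfg.optional_threshold, len(opt)), len(req | opt)

def findings(cfg, operators):
    """Weaknesses of one config; operators maps DVN name -> operating org."""
    k, n = quorum(cfg)
    issues = []
    if k <= 1:
        issues.append("single-verifier")   # at most one attestation needed
    orgs = {operators.get(d, d) for d in cfg.required + cfg.optional}
    if n > 1 and len(orgs) == 1:
        issues.append("single-operator")   # k-of-n, but one org to compromise
    return issues

def downgrades(history):
    """(route, old_k, new_k) for each snapshot that lowers a route's quorum."""
    last, hits = {}, []
    for cfg in history:                    # history is in chronological order
        k, _ = quorum(cfg)
        if cfg.route in last and k < last[cfg.route]:
            hits.append((cfg.route, last[cfg.route], k))
        last[cfg.route] = k
    return hits

# Constructed sample data: placeholder DVN, operator and route names.
OPERATORS = {"dvn-a": "org-1", "dvn-b": "org-2", "dvn-c": "org-1"}
HISTORY = [
    DvnConfig("route-1", ("dvn-a", "dvn-b")),            # 2-of-2
    DvnConfig("route-2", ("dvn-a",), ("dvn-c",), 1),     # 2-of-2, same org
    DvnConfig("route-1", ("dvn-a",)),                    # downgraded to 1-of-1
]

if __name__ == "__main__":
    for cfg in HISTORY:
        print(cfg.route, quorum(cfg), findings(cfg, OPERATORS))
    print("downgrades:", downgrades(HISTORY))
```

A quorum reduction on a high-value route is the kind of change worth alerting on before it takes effect, independent of who operates the remaining verifier.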
LayerZero publicly attributes exploit to Lazarus/TraderTraitor
By 2026-04-20, LayerZero publicly blamed North Korea-linked Lazarus Group, specifically TraderTraitor, for the Kelp DAO theft. Its postmortem said compromised RPC nodes and DDoS activity enabled a forged verification path and argued Kelp’s 1-of-1 DVN setup limited the blast radius to one application.
Attackers use stolen rsETH on Aave, creating major bad debt
After the exploit, the attackers deposited stolen rsETH into Aave and borrowed real assets including WETH, creating a large collateral shortfall and estimated bad debt of roughly $124 million to $230 million. The event triggered severe liquidity stress across Aave and broader DeFi markets.
Kelp DAO pauses contracts and blocks further theft attempts
Kelp DAO froze affected contracts 46 minutes after the initial drain and blacklisted attacker addresses. The response prevented additional attempted thefts, including two later forged transactions described in various reports as totaling more than $100 million or about 40,000 rsETH each.
Kelp DAO bridge exploit drains 116,500 rsETH
On 2026-04-18, attackers exploited Kelp DAO’s LayerZero-powered Unichain-to-Ethereum bridge path and fraudulently released about 116,500 rsETH worth roughly $290-$293 million. Multiple reports tie the theft to forged cross-chain verification rather than a smart-contract flaw in Kelp’s core protocol.
Sources
46 references tracked.
Aave Proposes Protocol-Wide Risk Framework After KelpDAO Exploit - "The Defiant" (thedefiant.io)
Chainlink CCIP Draws $1.1 Billion in Value in One Week as Virtuals Join Migration Wave - "The Defiant" (thedefiant.io)
Kelp DAO Hacker Has Laundered Nearly All $220M in Unfrozen Funds, Closing the Recovery Window - "The Defiant" (thedefiant.io)
Post by @lazarusholic.bsky.social - Bluesky (bsky.app)
kelp-rseth-unichain-path-investigation-2026-04-19.md · GitHub (gist.github.com)
Kelp Hacked, Losses Climb to $293M As Other Protocols Impacted (cointelegraph.com)
Ethereum Transaction Hash: 0x1ae232da21... | Etherscan (etherscan.io)
Unclassified (layerzero.network)


