Key Takeaways:
- KelpDAO was exploited to the tune of approximately $290M in a targeted attack involving a more advanced attacker, most likely a Lazarus Group.
- The attack took advantage of a single-DVN configuration, which poses a critical point of failure.
- LayerZero assures zero impact on other apps, and the incident is completely segregated.
The cross-chain security has been questioned by a large-scale DeFi exploit due to the KelpDAO becoming a victim of one of the highest exploits in 2026. LayerZero has published a breakdown that describes the core issue and refutes the allegations of a protocol-level weakness.
KelpDAO Exploit Breakdown
On April 18, an attack on the rsETH system of KelpDAO cost the organization about $290 million. LayerZero indicates that there was no exploit of smart contract bugs or key leakage.
— LayerZero (@LayerZero_Core) Read Entire Article
English (US)