What's Happening?
The North Korea-linked Lazarus Group has been identified as the perpetrator behind a $290 million cryptocurrency heist targeting the Kelp DAO DeFi protocol. The attack involved delivering a malicious instruction to drain 116,500 rsETH, worth approximately $292 million. Kelp DAO responded by pausing relevant contracts and blacklisting the attackers' wallet, preventing a second attack that aimed to drain an additional 40,000 rsETH. The heist exploited vulnerabilities in LayerZero's Decentralized Verifier Network (DVN), which relies on multiple RPCs to verify cross-chain instructions. The attackers compromised two RPCs and launched a DDoS attack to trigger failover to the poisoned infrastructure, allowing their malicious instructions to pass as valid.
Why It's Important?
This incident highlights the vulnerabilities in decentralized finance (DeFi) protocols and the sophisticated methods employed by cybercriminals, particularly those linked to North Korea. The heist has significant implications for the cryptocurrency industry, as it underscores the need for robust security measures and diversified verification networks to prevent similar attacks. The fallout from the heist has affected other DeFi platforms, with Aave experiencing a nearly $8 billion drop in total value due to the hackers' actions. This event serves as a wake-up call for the industry to prioritize security and implement best practices to safeguard assets and maintain trust among users.
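The failover weakness described above, set beside a fail-closed quorum check, in a simplified model. This is an added example, not code from the article, LayerZero or Kelp DAO; the endpoint names, digests and the 3-of-5 threshold are constructed assumptions.

```python
from collections import Counter

# Constructed sample values: digests of the cross-chain instruction as each
# RPC endpoint reports it. None means the endpoint did not answer.
GENUINE, FORGED = "0xaaa1", "0xbbb2"

class QuorumError(Exception):
    """Too few configured endpoints agree; the instruction must not be verified."""

def failover_verify(responses):
    """Weak pattern: accept whatever the first reachable endpoint reports."""
    for _name, digest in responses:
        if digest is not None:
            return digest
    raise QuorumError("no endpoint reachable")

def quorum_verify(responses, threshold):
    """Fail closed: `threshold` of ALL configured endpoints must report the same digest.

    Unreachable endpoints count against the quorum, so an outage can only
    stop verification; it cannot shrink the set that decides.
    """
    if threshold * 2 <= len(responses):
        raise ValueError("threshold must be a strict majority of configured endpoints")
    answers = Counter(d for _name, d in responses if d is not None)
    digest, votes = answers.most_common(1)[0] if answers else (None, 0)
    if votes < threshold:
        raise QuorumError(f"only {votes}/{len(responses)} endpoints agree")
    return digest

# Hypothetical endpoint names. Three honest endpoints are unreachable while two
# compromised ones keep answering, modelling the failover described above.
OUTAGE = [("rpc-a", None), ("rpc-b", None), ("rpc-c", None),
          ("rpc-d", FORGED), ("rpc-e", FORGED)]
NORMAL = [(n, GENUINE) for n in ("rpc-a", "rpc-b", "rpc-c", "rpc-d", "rpc-e")]

if __name__ == "__main__":
    print("failover accepts:", failover_verify(OUTAGE))
    try:
        quorum_verify(OUTAGE, threshold=3)
    except QuorumError as exc:
        print("quorum refuses:", exc)
    print("quorum accepts:", quorum_verify(NORMAL, threshold=3))
```

A `QuorumError` during an outage is also a detection signal: a sudden loss of several endpoints alongside disagreement among the rest is worth alerting on before any instruction is processed.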












