Registration
 
All news
Top Stories
Editors' Picks
Stocks
Crypto
Financial News
Currencies
Commodities
Companies
Central Banks
Olga Shendetskaya
Olga Shendetskaya

Lazarus Group linked to biggest DeFi exploit of 2026

Lazarus Group linked to biggest DeFi exploit of 2026
Major DeFi hack linked to North Korean hackers

​LayerZero has attributed the largest DeFi exploit of 2026 to North Korea’s state-backed Lazarus Group, also known as TraderTraitor. The attack on April 18 resulted in the theft of 116,500 rsETH tokens worth approximately $292 million from the liquid restaking protocol Kelp DAO.

Highlights

  • LayerZero attributes the $292 million Kelp DAO hack to North Korea’s Lazarus Group.
  • The attack exploited a single-verifier (1-of-1) setup on the bridge.
  • DeFi TVL fell by more than $13 billion in two days following the exploit.

How the attack unfolded

According to LayerZero, the hackers compromised the list of RPC nodes used by its decentralized verifier network (DVN). They compromised two nodes to broadcast a forged cross-chain message, while simultaneously launching a DDoS attack on legitimate nodes. This forced the system to rely on the compromised ones, allowing the fake message to pass verification and trigger an unauthorized token unlock on the bridge. 

LayerZero emphasized that the breach succeeded largely because Kelp DAO relied on a single-verifier setup (1-of-1 configuration) without any backup. This created a single point of failure with no independent check to reject the fraudulent message. The company noted it had previously warned Kelp DAO about the risks of such a setup and recommended diversifying its DVN configuration. 

“Using a single point of failure meant there was no independent verifier to detect and reject fake messages,” LayerZero stated. The firm has now announced it will no longer sign messages for any applications using the vulnerable 1/1 DVN setup. 

Ripple effects across DeFi

The exploit triggered a sharp decline in the broader decentralized finance sector. Total value locked (TVL) in DeFi protocols dropped more than $13 billion over two days, falling from $99.5 billion to $86.3 billion. The attacker transferred the stolen rsETH to Aave V3, using it as collateral to borrow large amounts of WETH. This raised concerns about potential bad debt, prompting Aave to freeze rsETH markets on both V3 and V4 versions.

The incident has heightened tensions across the DeFi ecosystem and underscored ongoing vulnerabilities in cross-chain bridges, even as the core LayerZero infrastructure itself was not directly breached. 

Persistent risks in cross-chain infrastructure

The Kelp DAO incident serves as a stark reminder of the dangers posed by insufficient security measures in interoperability protocols. 

While multi-verifier systems remained unaffected, the reliance on a lone verifier created an exploitable weakness. 

As DeFi continues to grow, such events highlight the need for stricter standards in bridge configurations and the importance of heeding prior security recommendations to protect user funds.

Earlier, we reported about the impact on Aave and systemic risks for DeFi.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.

Editor's Picks for You

Bitcoin price prediction and Bollinger Bands: Can BTC recover after falling to $63,000?
  • By Mikhail Vnuchkov
  • 21 hours ago
Bitcoin price prediction and Bollinger Bands: Can BTC recover after falling to $63,000?
Editors' Picks
FIFA World Cup on blockchain: Where football meets crypto
  • By Oleg Tkachenko
  • Yesterday
FIFA World Cup on blockchain: Where football meets crypto
Editors' Picks
Aliens, Satoshi, and Bitcoin: How the extraterrestrial theory emerged
  • By Pavlo Kot
  • 21.06.2026
Aliens, Satoshi, and Bitcoin: How the extraterrestrial theory emerged
Editors' Picks
All Editors' Top Picks

Latest DeFi News

April hack wave wiped $13 billion from DeFi liquidity
  • By Pavlo Kot
  • 16.06.2026
April hack wave wiped $13 billion from DeFi liquidity
Crypto
#Crypto #DeFi #Binance
Standard Chartered expects DeFi market to hit $2.7 trillion by 2030
  • By Mikhail Vnuchkov
  • 15.06.2026
Standard Chartered expects DeFi market to hit $2.7 trillion by 2030
Crypto
#Crypto #Forecast #DeFi
Trust Wallet adds bStocks for tokenized U.S. securities
  • By Hanna Syniavska
  • 12.06.2026
Trust Wallet adds bStocks for tokenized U.S. securities
Crypto
#Crypto #DeFi
All DeFi News
  • Mikhail Vnuchkov
  • 21 hours ago
Bitcoin price prediction and Bollinger Bands: Can BTC recover after falling to $63,000?
  • Oleg Tkachenko
  • Yesterday
FIFA World Cup on blockchain: Where football meets crypto
  • Pavlo Kot
  • 21.06.2026
Aliens, Satoshi, and Bitcoin: How the extraterrestrial theory emerged
  • Pavlo Kot
  • 20.06.2026
Blockchain nation in crisis: How a power struggle split Liberland
  • Eugene Komchuk
  • 19.06.2026
Shifting priorities: Governments back mining as businesses turn to AI
  • Parshwa Turakhiya
  • 26 min ago
Tesla sees 25-75 percent corrections near ATH, Jason Pizzino notes
  • Hanna Syniavska
  • 41 min ago
Ki Young Ju: Strategy BTC purchases act as liquidity sink, not catalyst
  • Anastasiia Chabaniuk
  • 1 hour ago
Spiros Margaris: Oracle cuts 21,000 roles amid AI transition
  • Oleg Tkachenko
  • 1 hour ago
Michael Pettis: Pimco views China as a global disinflationary force due to manufacturing priorities
  • Jose Antonio Gastelum
  • 1 hour ago
Franklin Templeton creates crypto division during market pullback, Jordan Kerridge notes
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.
Top News
  • Olga Shendetskaya
  • 16 hours ago
Digital euro gains momentum as Europe seeks payment independence
Digital euro gains momentum as Europe seeks payment independence
  • Hanna Syniavska
  • 18 hours ago
Oracle workforce shrinks 13% over past year as AI push accelerates
Oracle workforce shrinks 13% over past year as AI push accelerates
  • Andrey Mastykin
  • 20 hours ago
U.S. stock futures fall as investors pull back from tech shares
U.S. stock futures fall as investors pull back from tech shares
  • Igor Krasulya
  • 21 hours ago
Meta takes minority stake in Indian fintech Cred
Meta takes minority stake in Indian fintech Cred
  • Olga Shendetskaya
  • 22 hours ago
Oil market slips despite lingering risks around Iran deal
Oil market slips despite lingering risks around Iran deal
Live News
  • Anton Kharitonov
  • Now
Goog;e pulls back as AI talent concerns pressure sentiment
  • Anton Kharitonov
  • Now
Apple pulls back below $300 as AI doubts offset strong fundamentals
  • Mykhailo Ihnatenko
  • Now
Tesla struggles below key resistance amid market uncertainty
  • Mykhailo Ihnatenko
  • Now
AMD faces rising correction risks despite AI sector optimism
  • Anton Kharitonov
  • Now
Bitcoin holds near $62,000 as weak risk appetite weighs
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR