North Korea's Lazarus Group Drains $292M from Kelp DAO in AI-Powered Heist | Nobilior
πŸ“° Latest News
Luxshare's $3.1B HK IPO: Apple Supply Chain at Crossroads | Gold Plunges 11% in June as Fed Hawkishness Crushes Precious Metals | Iran Peace Talks in Doubt as Qatar Meeting Uncertain | HSBC Warns of 'Pain Trades' as Oil Shock Stirs Inflation | Kunlunxin's $50B Hong Kong IPO Signals AI Chip Market Shift Amid Memory Crunch |
πŸ“ˆ Most Bullish Sentiments 2026-07-09 hsba (0.21) | palladium (0.21) | platinum (0.21) | gold (0.19) | cost (0.18) πŸ“‰ Most Bearish Sentiments2026-07-09 china (-0.97) | kospi (-0.97) | cvx (-0.96) | north_korea (-0.95) | russia (-0.69)
Nobilior
Nobilior
  • Home Page
  • Blog
  • News
  • Global Economy
  • Tokenizer
  • Market Sentiment
    • Heatmap
    • Table
  • About US
    • Contact Us
  • Dashboard
    • Advertisement Dashboard
  • Click to open the search input fieldClick to open the search input fieldSearch
  • MenuMenu
  • Link to LinkedIn

North Korea's Lazarus Group Drains $292M from Kelp DAO in AI-Powered Heist

Published on May 19, 2026

In April 2026, North Korea's Lazarus Group executed one of the largest crypto heists of the year, draining $292 million worth of tokens from Kelp DAO by compromising internal systems used by LayerZero Labs. The attack underscores the growing sophistication of state-sponsored hacking groups and the vulnerabilities inherent in cross-chain infrastructure.

According to sources, the attackers infiltrated LayerZero Labs' internal systems, which Kelp DAO relied on for cross-chain operations. Once inside, they manipulated smart contracts to siphon funds across multiple blockchains. The stolen assets included wrapped Ether (wETH), USDC, and other tokens, which were quickly laundered through mixing services and decentralized exchanges.

This incident is part of a broader trend of AI-powered cyberattacks targeting DeFi protocols. In a recent blog post, Ethereum co-founder Vitalik Buterin argued that pairing AI-generated code with formal verification could make blockchain networks more resistant to such attacks. He cited the technique's ability to mathematically prove software correctness, reducing the risk of exploits. The post, published on May 18, 2026, can be read here.

Buterin's timing is prescient: just months earlier, AI models like Anthropic's Claude Mythos demonstrated the ability to autonomously identify vulnerabilities in software like Mozilla Firefox. The convergence of AI-driven development and state-sponsored hacking is reshaping the threat landscape for blockchain projects.

Kelp DAO, a liquid staking protocol, had grown rapidly by offering cross-chain yield opportunities. However, its reliance on LayerZero's messaging protocol created a single point of failure. Security experts note that cross-chain bridges and messaging layers are prime targets because they often involve complex code that is difficult to audit thoroughly.

Original Commentary: The Human Element

While technical fixes like formal verification are promising, the Lazarus Group heist highlights a persistent problem: human error. The breach likely resulted from compromised credentials or social engineering, not a flaw in LayerZero's code. No amount of mathematical verification can prevent an employee from clicking a malicious link. DeFi projects must invest in operational security training and multi-factor authentication to complement formal methods.

Moreover, the geopolitical dimension cannot be ignored. North Korea's cyber operations are sanctioned by the UN and fund the regime's weapons programs. This heist will likely prompt stricter KYC/AML requirements for cross-chain protocols, potentially stifling innovation in the sector.

The attack also raises questions about insurance and liability. Kelp DAO's treasury may not cover the losses, leaving users exposed. Decentralized insurance protocols like Nexus Mutual could see increased demand, but payouts remain uncertain given the complexity of cross-chain claims.

Looking ahead, the industry must accelerate the adoption of formal verification tools, as Buterin advocates. However, the Lazarus Group incident is a stark reminder that security is a holistic discipline, not a silver bullet.

Sources: CoinMarketCap Academy.

  1. North Korea's Lazarus Group stole $292M from Kelp DAO via LayerZero Labs' compromised systems.
  2. The attack highlights cross-chain infrastructure risks and the need for formal verification.
  3. Vitalik Buterin's recent post advocates AI-assisted formal verification to prevent such exploits.
  4. Human error remains a critical vulnerability; operational security is essential.
  5. Geopolitical and regulatory implications may reshape cross-chain DeFi.
Share this article:
Hashtags: #LazarusGroup #NorthKorea #KelpDAO #LayerZero #CryptoHeist #CrossChain
πŸ“Š Share your sentiment? Log in to vote

Related Articles

Mandiant Leads Forensic Probe in $280M North Korean Crypto Hack

Mandiant leads forensic investigation into $280M crypto hack by North Korean operatives, highlighting growing cybersecurity threats in digital finance.

Arbitrum Freeze Reignites DeFi Centralization Debate

Arbitrum's $71M freeze sparks debate on DeFi permissionlessness. Learn how this action challenges core crypto principles.

Ripple Shares North Korea Crypto Threat Intel

Ripple shares North Korean hacking intel with crypto industry via Crypto ISAC, focusing on social engineering attacks.

Chainlink Powers JPMorgan's $3T Tokenized Asset Settlement

JPMorgan's Kinexys platform processes over $3 trillion in transactions, leveraging Chainlink for tokenized asset settlement across blockchains.

πŸ“ˆ 1 πŸ“‰ 0
Cross-Chain Arbitrage: Building a LayerZero Bot

Explore how LayerZero enables cross-chain arbitrage, with original analysis on market impact and bot-building insights.

Nobilior

Expert Finance. Noble Vision.

Quick Links

  • Home
  • Blog
  • News
  • Sentiment Dashboard
  • Advertisement
  • Contact

Follow Us

LinkedIn Twitter GitHub

Weekly Newsletter

Get the week's most important market insights.

No spam. Unsubscribe anytime.

© 2026 Nobilior. All rights reserved.