Inside the Kelp DAO $293M Exploit: The Bridge Attack That Rewrote DeFi Security
On April 18, 2026, North Korea's Lazarus Group stole $293 million from Kelp DAO by tricking its LayerZero bridge into minting 116,500 unbacked rsETH—an off chain infrastructure attack, not a smart contract bug—and the... The cascading damage hit Aave with a $230 million bad debt loss from fake rsETH collateral, forc...
What happened in the Kelp DAO $293 million exploit—the largest DeFi breach of 2026—including how the North Korea-linked attacker exploited oThe Kelp DAO exploit wasn't a smart contract bug—it was an attack on off-chain bridge infrastructure that no one had audited.
AI Prompt
Create a landscape editorial hero image for this Studio Global article: What happened in the Kelp DAO $293 million exploit—the largest DeFi breach of 2026—including how the North Korea-linked attacker exploited o. Article summary: On April 18, 2026, North Korea's Lazarus Group executed the largest DeFi exploit of the year, draining ~$293 million (116,500 rsETH) from Kelp DAO's cross-chain bridge by attacking off-chain LayerZero infrastructure — no. Topic tags: general, general web, user generated. Reference image context from search candidates: Reference image 1: visual subject "Kelp DAO exploit,DeFi security 2026,cross-chain bridge risks,crypto hack analysis,LayerZero vulnerability,institutional crypto adoption. # Kelp DAO Exploit: How a $293 Million DeFi" source context "Kelp DAO Exploit: $293M DeFi Hack Exposes Critical Security Risks ..." Reference image 2: visual subject "# The $290
openai.com
At 17:35 UTC on April 18, 2026, an attacker called a single function on Kelp DAO’s LayerZero-powered cross-chain bridge and walked away with 116,500 rsETH—roughly $293 million and 18% of the token’s entire circulating supply. It took 46 minutes. The attacker wasn’t exploiting a smart contract bug. They were attacking infrastructure that no one had thought to audit.
The breach, attributed to North Korea’s Lazarus Group, is the largest DeFi exploit of 2026, eclipsing the $285 million Drift Protocol hack from April 1—also Lazarus’s work, achieved through six months of social engineering . Together, these two incidents pushed total crypto stolen by North Korea past $578 million in 18 days, accounting for 76% of all hack value in 2026 at that point .
But the Kelp DAO attack was different. It wasn’t a code-level vulnerability. It was a structural failure in how DeFi trusts cross-chain messages—and the fallout exposed a blind spot the entire industry is now scrambling to fix.
How the exploit actually worked: a 1-of-1 verifier and a forged message
Kelp DAO is a liquid restaking protocol that issues rsETH across more than 20 blockchain networks via a LayerZero Omnichain Fungible Token bridge . When a user bridges rsETH back to Ethereum mainnet, LayerZero’s messaging layer delivers a cross-chain instruction that tells the mainnet bridge contract to release the tokens from escrow.
Studio Global AI
Search, cite, and publish your own answer
Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.
What is the short answer to "Inside the Kelp DAO $293M Exploit: The Bridge Attack That Rewrote DeFi Security"?
On April 18, 2026, North Korea's Lazarus Group stole $293 million from Kelp DAO by tricking its LayerZero bridge into minting 116,500 unbacked rsETH—an off chain infrastructure attack, not a smart contract bug—and the...
What are the key points to validate first?
On April 18, 2026, North Korea's Lazarus Group stole $293 million from Kelp DAO by tricking its LayerZero bridge into minting 116,500 unbacked rsETH—an off chain infrastructure attack, not a smart contract bug—and the... The cascading damage hit Aave with a $230 million bad debt loss from fake rsETH collateral, forced the Arbitrum Security Council to freeze $71 million, and triggered a $13 billion DeFi wide liquidity panic that collap...
What should I do next in practice?
The structural lesson: DeFi security audits had been laser focused on smart contracts while ignoring bridge verifier configurations, node operational security, and off chain messaging layers—exactly the vulnerabilitie...
The security of that release depends on Decentralized Verifier Networks —off-chain nodes that attest that the message is valid. Kelp DAO configured its bridge with a 1-of-1 DVN threshold, meaning a single verifier was enough to authorize any cross-chain message .
The attacker compromised Kelp’s internal RPC nodes and DDoS’d external nodes, leaving only that single verifier operational and feeding it a forged message that claimed 116,500 rsETH had been burned on the source chain. The verifier attested to the message. The Ethereum contract obeyed. Funds were released to an attacker-controlled address .
Chainalysis confirmed that every on-chain transaction appeared legitimate to standard security tools, because the breach happened entirely off-chain at the infrastructure and node level . Traditional smart contract audits were irrelevant.
Kelp’s emergency multisig paused the contracts 46 minutes after the initial drain, preventing an additional ~$200 million in follow-up attacks .
Money laundering: how $220 million disappeared in six weeks
The attacker didn’t sit on the stolen tokens. Within hours, 89,567 of the 116,500 unbacked rsETH had been deposited into Aave V3 as collateral, and the attacker borrowed roughly 82,650 WETH and 821 wstETH—clean, liquid assets—before anyone could freeze the positions . Similar collateralized borrowing occurred on Compound and Euler, extracting approximately 74,000 clean ETH total .
Then the laundering began in earnest.
Over the following six weeks, the attacker laundered nearly all of the unfrozen stolen funds—approximately $220 million—leaving only about $1.7 million traceable in the original exploiter wallets as of June 1, 2026 . The laundering chain followed a deliberate two-stage pattern:
Stage one: Tornado Cash was used to sever initial on-chain links and obscure the transaction graph .
Stage two: Funds were routed through Wasabi Wallet for CoinJoin-style Bitcoin mixing, then bridged back to Ethereum via cross-chain protocols—primarily THORChain, which processed roughly $80 million in ETH-to-Bitcoin swaps in a single 24-hour window, pushing THORChain’s swap volume to $394 million, roughly 11x its daily average .
TRM Labs later confirmed that THORChain operated as the consistent bridge of choice across North Korea’s largest heists, with no operator willing to freeze or reject transfers during either the 2025 Bybit breach or the KelpDAO exploit .
NS3.AI also flagged a novel detail: the attackers used LayerZero itself to move at least $500,000 of the stolen funds across chains during the laundering phase—marking the first recorded instance where the same application was exploited for both the theft and part of the money laundering .
The Arbitrum Security Council freeze: $71 million caught mid-flight
Not all the funds escaped. On April 20, 2026, at 11:26 PM ET, the Arbitrum Security Council executed an emergency action to freeze 30,766 ETH—approximately $71 million, or roughly a quarter of the total stolen amount—held in an attacker-controlled address on Arbitrum One .
The Council acted with input from law enforcement and moved the funds to a governance-controlled intermediary wallet. Nine of 12 council members voted in favor of the freeze . The funds can only be released through a formal Arbitrum governance vote .
On May 8, 2026, the Arbitrum Security Council approved a joint proposal to unfreeze those funds, aiming to accelerate rsETH collateral recovery and restore liquidity for affected users. The recovery process remains ongoing with law enforcement involvement .
Aave’s $230 million wake-up call and the risk framework overhaul
Aave absorbed the most severe second-order damage. The attacker deposited 89,567 fake rsETH into Aave V3 and borrowed approximately $230 million in clean assets—loans that became unrecoverable bad debt once the rsETH was revealed as unbacked .
Aave’s Protocol Guardian froze rsETH and wrsETH reserves across all V3 deployments at approximately 19:00 UTC on April 18, setting loan-to-value ratios to zero across 11 affected markets including Ethereum, Arbitrum, Avalanche, and Optimism . WETH borrowing—a core piece of DeFi’s financial plumbing—was effectively frozen across six networks.
As of mid-May 2026, over 95% of the unbacked tokens had been recovered, with the remaining shortfall expected to be covered by the Aave DAO treasury and the DeFi United coalition . Aave restored normal wETH borrowing limits across six V3 networks on May 18, 2026 .
But the real legacy is the governance response. At Consensus Miami 2026, Aave Labs Chief Legal and Policy Officer Linda Jeng announced a fundamental overhaul of the protocol’s asset listing and collateral evaluation standards . The new framework expands beyond traditional financial risk metrics to include:
Cybersecurity vulnerabilities and operational security posture
Bridge infrastructure dependencies and single-verifier risks
Oracle dependencies and third-party contract exposure
Custodial arrangements and interoperability risks across composable protocols
Aave has already adjusted 295 risk parameters and added automated defenses that can reduce an asset’s loan-to-value ratio to zero when predefined risk thresholds are triggered . The protocol is launching a full review of every asset listed on V3 and rewriting its listing standards from the ground up .
The bigger picture: bridges are now DeFi’s primary attack surface
Kelp DAO didn’t happen in isolation. It was the second nine-figure bridge exploit in 18 days, following the Drift Protocol’s $285 million social-engineered breach on April 1—also attributed to Lazarus Group . Combined, those two incidents pushed early-2026 DeFi losses past $840 million .
The systemic fallout dwarfed the direct theft. Within 48 hours of the Kelp DAO exploit, $13.21 billion in total value locked evaporated across DeFi, with Aave alone losing 43% of its TVL across 26 tracked protocols . A $5.4 billion withdrawal panic swept the ecosystem .
The attack exposed what Chainalysis called a critical structural blind spot: DeFi security had focused overwhelmingly on smart contract audits while bridge infrastructure, node operational security, and single-verifier configurations remained largely unexamined risk vectors .
The fix is already underway. Protocols are migrating to multi-verifier bridge configurations. Aave’s new listing handbook—expected to be published as a formal playbook for asset issuers—will require projects to disclose bridge architecture, verifier decentralization, and node security practices before rsETH-like derivatives can be onboarded as collateral .
Lazarus exploited a gap between what DeFi audited and what DeFi actually depended on. The industry’s response suggests that gap is finally closing—but only after a $293 million lesson.
Comments
0 comments