Liquid restaking protocol Kelp DAO lost approximately $292 million in an exploit of its cross-chain bridge on April 18, in what is now the largest DeFi hack of the year. The attack triggered emergency market freezes across at least nine lending protocols and has left rsETH holders on more than 20 layer-2 networks facing uncertainty about the backing of their tokens.
An attacker drained 116,500 rsETH from Kelp DAO's LayerZero-powered bridge at 17:35 UTC on Saturday, representing about 18% of rsETH's circulating supply of 630,000 tokens. The attacker tricked LayerZero's cross-chain messaging layer into believing a valid instruction had arrived from another network, which triggered the bridge to release the funds to an attacker-controlled address.
The attacker pre-funded wallets through Tornado Cash approximately 10 hours before the drain, then successfully tricked LayerZero's EndpointV2 contract into processing what appeared to be a legitimate cross-chain instruction.
LayerZero has published its findings, placing responsibility for the exploit on Kelp's own security configuration. Attackers, whom LayerZero preliminarily linked to North Korea's Lazarus Group, compromised two RPC nodes used by LayerZero Labs' decentralised verifier network and launched a DDoS attack against the remaining clean nodes to force failover to the poisoned ones. Once failover triggered, the compromised nodes told the verifier a valid cross-chain message had arrived, and Kelp's bridge released the funds.
https://t.co/3vIHs3Xgs4
— LayerZero (@LayerZero_Core) April 20, 2026
The attack only worked because Kelp ran a 1-of-1 verifier configuration, meaning LayerZero Labs was the sole entity verifying messages to and from the rsETH bridge. LayerZero said its public integration checklist and direct communications to Kelp had recommended a multi-verifier setup with redundancy. "KelpDAO chose to utilize a 1/1 DVN configuration," the company wrote. "A properly hardened configuration would have required consensus across multiple independent DVNs, rendering this attack ineffective even in the event of any single DVN being compromised."
LayerZero said it has found no contagion to any other application on the protocol, and that every OFT-standard token and application running multi-verifier setups was unaffected. Going forward, LayerZero said it will not sign messages from any applications using a 1-of-1 DVN configuration.
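The verifier-threshold argument in LayerZero's statement can be checked mechanically. The following is an added example, not LayerZero's or Kelp's code: it assumes a simplified model in which a message is accepted once every required DVN and at least `optional_threshold` optional DVNs attest to it, and the class, function and DVN names are hypothetical.

```python
from dataclasses import dataclass
from itertools import combinations

@dataclass(frozen=True)
class VerifierConfig:
    """Simplified model (assumption): all required DVNs plus
    `optional_threshold` of the optional DVNs must attest."""
    required: frozenset
    optional: frozenset = frozenset()
    optional_threshold: int = 0

def accepts(cfg, attesting):
    """True if the bridge would treat a message as verified."""
    attesting = frozenset(attesting)
    return (cfg.required <= attesting
            and len(cfg.optional & attesting) >= cfg.optional_threshold)

def smallest_forging_sets(cfg):
    """Smallest DVN sets whose compromise alone verifies a forged message.
    Honest DVNs never attest to a message that was not sent, so for a
    forged message the attesting set is exactly the compromised set."""
    dvns = sorted(cfg.required | cfg.optional)
    for size in range(len(dvns) + 1):
        hits = [set(c) for c in combinations(dvns, size) if accepts(cfg, c)]
        if hits:
            return hits
    return []  # threshold exceeds the optional DVN count: nothing verifies

def audit(cfg):
    """Return a finding string, or None if no single DVN can forge alone."""
    sets = smallest_forging_sets(cfg)
    if not sets:
        return "unsatisfiable: no message can ever be verified"
    if not sets[0]:
        return "no verification: messages are accepted with zero attestations"
    if len(sets[0]) == 1:
        names = ", ".join(sorted(next(iter(s)) for s in sets))
        return "single point of failure: " + names
    return None

# Constructed sample configurations (DVN names are placeholders).
ONE_OF_ONE = VerifierConfig(required=frozenset({"dvn-a"}))
ONE_OF_TWO = VerifierConfig(frozenset(), frozenset({"dvn-a", "dvn-b"}), 1)
HARDENED = VerifierConfig(frozenset({"dvn-a", "dvn-b"}),
                          frozenset({"dvn-c", "dvn-d"}), 1)

if __name__ == "__main__":
    for name, cfg in [("1/1", ONE_OF_ONE), ("1-of-2 optional", ONE_OF_TWO),
                      ("2 required + 1-of-2", HARDENED)]:
        print(name, "->", audit(cfg) or "ok")
```

Note that the 1-of-2 optional configuration is flagged as well: adding verifiers without raising the threshold widens the set of single points of failure instead of removing it.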
Kelp has not publicly responded to LayerZero's framing. In its initial statement on X, the protocol said it had identified suspicious cross-chain activity involving rsETH, had paused contracts across mainnet and several layer-2 networks, and was working with LayerZero, Unichain, its auditors, and external security experts on a root cause analysis.
Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate.
We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA.
We will keep you…
— Kelp (@KelpDAO) April 18, 2026
The attacker deposited the stolen rsETH onto Aave V3 as collateral and borrowed wrapped ether against it, leaving roughly $196 million in bad debt concentrated in the rsETH-WETH pair on Ethereum, CoinDesk reported. Aave first said its Umbrella reserve would cover any deficit, but later softened that language to say it would "explore paths to offset the deficit." Aave founder Stani Kulechov said the exploit was external and the protocol's own contracts were not compromised.
Aave's total value locked dropped by approximately $6.6 billion following the attack, falling from $26.4 billion on April 18 to nearly $20 billion by Sunday morning. SparkLend and Fluid froze their rsETH markets. Lido Finance paused deposits into its earnETH product because of rsETH exposure, while Ethena temporarily shut down its own LayerZero OFT bridges from Ethereum mainnet as a precaution despite having no direct rsETH exposure.
LayerZero noted that Lazarus Group has now been linked to both the Drift Protocol exploit on April 1 and the Kelp attack on April 18, meaning the same North Korean unit has drained more than $575 million from DeFi in 18 days through two structurally different attack vectors. LayerZero said it is working with multiple law enforcement agencies and actively tracking the stolen funds.
