
KelpDAO Bridge Exploited for $292M as Lazarus Group Linked to Attack

On April 18, attackers drained 116,500 rsETH worth $292M from KelpDAO's LayerZero bridge, triggering DeFi freezes, a $13B TVL drop, and links to North Korea's Lazarus Group.

Soumen Datta

April 20, 2026

On April 18, 2026, attackers drained 116,500 rsETH tokens worth roughly $292 million from KelpDAO's cross-chain bridge, triggering one of the largest DeFi exploits of the year.

The hack wiped out about 18% of rsETH's total circulating supply of 630,000 tokens, froze markets across major lending platforms, and sent total value locked (TVL) across DeFi falling by more than $13 billion in 48 hours. 

LayerZero, whose infrastructure the bridge relied on, has since pointed to a configuration choice by KelpDAO as the root cause, while early attribution links the attack to North Korea's Lazarus Group.

How Did the KelpDAO Bridge Get Drained?

KelpDAO is a liquid restaking protocol, a type of DeFi platform that takes user-deposited ETH, routes it through EigenLayer to earn extra yield on top of standard Ethereum staking rewards, and issues rsETH as a tradeable receipt token. Think of rsETH as a claim check: it represents staked ETH and the yield it earns, and it can be traded or used as collateral across DeFi.

The bridge that was drained was built using LayerZero's OFT (Omnichain Fungible Token) standard. LayerZero is a cross-chain messaging layer, meaning it is the infrastructure that lets different blockchains send verified instructions to one another. 

KelpDAO had deployed rsETH across more than 20 networks including Base, Arbitrum, Linea, Blast, Mantle, and Scroll. The bridge held the rsETH reserves that backed the wrapped versions of the token on all of those layer 2 chains.

At 17:35 UTC on April 18, attackers tricked LayerZero's messaging layer into believing a valid cross-chain instruction had arrived from another network. That triggered KelpDAO's bridge to release 116,500 rsETH to an attacker-controlled address. 

KelpDAO's emergency multisig paused the core contracts 46 minutes later at 18:21 UTC. Two follow-up attempts, at 18:26 UTC and 18:28 UTC, both failed after the pause was already in place, according to CoinDesk. Each of those follow-up attempts carried a message trying to drain another 40,000 rsETH, worth around $100 million.

How Attackers Bypassed The Verification Layer

LayerZero has since released a detailed breakdown of how the attack worked technically, and it is more sophisticated than a simple smart contract bug.

LayerZero's bridge verification relies on RPC nodes: servers that let software read and write data on a blockchain. The attacker identified two RPC nodes that LayerZero's verifier depended on to confirm cross-chain transactions. They replaced the software running on those two nodes with malicious versions that were engineered to report one thing to LayerZero's verifier (that a valid transaction had occurred) while continuing to report accurate data to every other system querying the same nodes. That selective deception was specifically designed to stay invisible to LayerZero's own monitoring, which queries the same RPCs from different IP addresses.

Compromising two nodes alone was not enough, because LayerZero's verifier also queried uncompromised external RPC nodes. So the attackers ran a distributed denial-of-service (DDoS) attack against those external nodes to force the system to fail over to the compromised ones. 

Traffic logs shared by LayerZero show the DDoS running between 10:20 a.m. and 11:40 a.m. Pacific Time on April 18. Once the failover triggered, the poisoned nodes told the verifier a legitimate cross-chain message had arrived, and the bridge released the rsETH. The malicious node software then self-destructed, wiping its binaries and local logs.

Why Did KelpDAO's Configuration Make This Possible?

LayerZero has been direct about where it believes responsibility lies. KelpDAO ran what is called a 1-of-1 DVN configuration. DVN stands for Decentralized Verifier Network, which is LayerZero's term for the entities that verify cross-chain messages. 

Running a 1-of-1 configuration meant LayerZero Labs was the only entity confirming messages to and from the rsETH bridge. Compromise one verifier's data feed, and you can forge a valid message.

LayerZero's public integration documentation and direct communications to KelpDAO had recommended a multi-verifier setup, where consensus across several independent DVNs would be required before a message is accepted as valid. Under that setup, poisoning one verifier's data feed would not have been enough to push a fraudulent transaction through.

"KelpDAO chose to utilize a 1/1 DVN configuration," LayerZero wrote in its post-mortem. "A properly hardened configuration would have required consensus across multiple independent DVNs, rendering this attack ineffective even in the event of any single DVN being compromised."
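The verification chain described above (a verifier reading the source chain through RPC nodes, failing over when its preferred nodes stop answering, and a 1-of-1 versus multi-verifier quorum deciding whether a message is accepted) can be modelled in a few dozen lines. The Python below is an added illustration written for this article, not KelpDAO or LayerZero code. The class names, node names, chain state and messages are constructed, and the failover rule it uses (take whichever tier of nodes answers, require unanimity among them, fail closed on silence) is an assumption about how a verifier could be wired, not a description of LayerZero's implementation.

```python
# Toy model of quorum-based cross-chain message verification.
# Added illustration, not KelpDAO or LayerZero code. All class and node names,
# the chain state and the messages are constructed for this example.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Message:
    """A cross-chain instruction as seen by the verifiers (constructed shape)."""
    src_chain: str
    nonce: int
    payload: str


class RpcNode:
    """One RPC endpoint on the source chain.

    An honest node confirms only messages present in `chain_state`.
    A poisoned node additionally confirms `forged`, a message that never
    happened on chain, which is the failure mode the article describes.
    A node that is unreachable answers None instead of True/False.
    """

    def __init__(self, name: str, chain_state: set, available: bool = True,
                 forged: Optional[Message] = None):
        self.name = name
        self.chain_state = chain_state
        self.available = available
        self.forged = forged

    def confirm(self, msg: Message) -> Optional[bool]:
        if not self.available:
            return None
        if self.forged is not None and msg == self.forged:
            return True
        return msg in self.chain_state


class Dvn:
    """A verifier that reads the source chain through its own RPC nodes.

    Assumed wiring: ask the preferred nodes first and use every answer that
    comes back; only if none respond, fall over to the fallback set. The tier
    that answered must unanimously confirm the message; no answer fails closed.
    """

    def __init__(self, name: str, preferred: list, fallback: list):
        self.name = name
        self.preferred = preferred
        self.fallback = fallback

    def attest(self, msg: Message) -> bool:
        for tier in (self.preferred, self.fallback):
            answers = [a for a in (n.confirm(msg) for n in tier) if a is not None]
            if answers:
                return all(answers)
        return False


def verify(msg: Message, dvns: list, threshold: int) -> bool:
    """Accept `msg` only if at least `threshold` independent DVNs attest to it."""
    votes = sum(1 for d in dvns if d.attest(msg))
    return votes >= threshold


def run_scenario() -> dict:
    """Compare a 1-of-1 and a 2-of-3 verifier configuration on the same inputs."""
    # Constructed source-chain state: exactly one genuine message exists.
    genuine = Message("ethereum", 1, "release 10 rsETH to 0xALICE")
    forged = Message("ethereum", 2, "release 116500 rsETH to 0xATTACKER")
    chain_state = {genuine}

    # Verifier A's preferred external nodes are unreachable, so it falls over
    # to two nodes whose software has been altered to confirm the forged message.
    external = [RpcNode("ext-1", chain_state, available=False),
                RpcNode("ext-2", chain_state, available=False)]
    poisoned = [RpcNode("fallback-1", chain_state, forged=forged),
                RpcNode("fallback-2", chain_state, forged=forged)]
    dvn_a = Dvn("dvn-a", preferred=external, fallback=poisoned)

    # Verifiers B and C run their own, unaffected infrastructure.
    dvn_b = Dvn("dvn-b", [RpcNode("b-1", chain_state)], [RpcNode("b-2", chain_state)])
    dvn_c = Dvn("dvn-c", [RpcNode("c-1", chain_state)], [RpcNode("c-2", chain_state)])

    return {
        # 1-of-1: the single verifier's poisoned view is the final word.
        "forged_passes_1_of_1": verify(forged, [dvn_a], threshold=1),
        # 2-of-3: dvn_a still attests, but B and C refuse, so quorum fails.
        "forged_passes_2_of_3": verify(forged, [dvn_a, dvn_b, dvn_c], threshold=2),
        # A genuine message still clears the 2-of-3 quorum.
        "genuine_passes_2_of_3": verify(genuine, [dvn_a, dvn_b, dvn_c], threshold=2),
    }


if __name__ == "__main__":
    for check, result in run_scenario().items():
        print(f"{check}: {result}")
```

The point the model makes is the one in LayerZero's statement: with a single verifier, the integrity of the bridge is exactly the integrity of that verifier's data path, so a poisoned failover tier is decisive. With a quorum across independently operated verifiers, the same poisoned feed still produces one bad attestation, but it is outvoted, while genuine traffic continues to clear the threshold.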

Ripple CTO David Schwartz made a pointed observation on the same theme. He noted that when evaluating DeFi bridging systems for RLUSD, he found that most protocols had strong security mechanisms available but routinely pitched those mechanisms as optional features that added operational complexity. 

In his view, the implicit message from vendors was that customers should not bother using the most important security features because they were inconvenient, and he suspected KelpDAO had skipped key LayerZero security features for exactly that reason.

“I have a funny feeling part of the problem is going to be something like KelpDAO choosing not to use key LayerZero security features out of convenience,” Schwartz stated. 

KelpDAO has not yet publicly responded to LayerZero's framing or explained why it operated a 1-of-1 verifier setup despite those recommendations.

What Happened to rsETH After The Drain?

Because the bridge held the reserves backing rsETH on every layer 2 chain where it was deployed, the drain left holders on those networks facing a serious question: is there anything backing my tokens? That uncertainty created a feedback loop: concern about backing on layer 2s could push holders to redeem their rsETH for ETH on Ethereum mainnet, which could in turn force KelpDAO to unwind its EigenLayer restaking positions to honor those withdrawals.

KelpDAO confirmed the incident in its first public post on X at 20:10 UTC, nearly three hours after the drain. The protocol said it was working with LayerZero, Unichain, its auditors, and outside security specialists to investigate.

Which Protocols Froze Markets?

The contagion spread quickly across DeFi:

  • Aave froze rsETH markets on both V3 and V4 within hours. Founder Stani Kulechov clarified that the exploit was external and Aave's own contracts were not affected.
  • SparkLend and Fluid both froze their rsETH markets.
  • Lido Finance paused further deposits into its earnETH product, which carries rsETH exposure, while clarifying that stETH and wstETH are unaffected.
  • Ethena temporarily paused its LayerZero OFT bridges from Ethereum mainnet as a precaution, saying it has no rsETH exposure and remains more than 101% overcollateralized. 

How Much Did DeFi TVL Fall?

The financial fallout extended well beyond KelpDAO's own ecosystem. Total value locked across DeFi fell from $99 billion to $86 billion in the 48 hours following the exploit, a drop of $13.21 billion, according to data from DefiLlama. TVL is a standard measure of the combined dollar value of assets deposited across DeFi protocols and is widely used as a proxy for overall market liquidity and activity.

Aave alone saw $9.5 billion in deposits exit over that period, with its TVL declining to $17.947 billion. Protocol-level data showed double-digit percentage drops across platforms including Euler, Sentora, and Aave, with losses concentrated in lending, restaking, and yield strategies tied to rsETH collateral.

The mechanism behind those outflows was straightforward but damaging. Attackers used the stolen rsETH as collateral to borrow funds on lending platforms. Because those tokens no longer had legitimate collateral backing them, borrowing against them created potential shortfalls for lenders. It is similar to depositing counterfeit currency in a bank and taking out loans against it: the bank is left holding bad debt. Protocols responded by freezing affected markets, which in turn prompted users to pull funds broadly, accelerating the TVL decline.

AAVE fell by 18% over the last 48 hours.

Is Lazarus Group Behind The Attack?

LayerZero attributed the attack with preliminary confidence to North Korea's Lazarus Group and its TraderTraitor subunit, based on analysis of the attacker's methods and infrastructure. Peter Chung, head of research at Presto Research, noted in a research note that the incident highlights risks in cross-chain infrastructure, particularly in verification systems, and that early analysis suggests the issue originated in the verification layer rather than in smart contracts themselves.

If the attribution holds, the KelpDAO exploit would represent the second major DeFi drain linked to Lazarus Group in 18 days. On April 1, Solana-based perpetuals protocol Drift was drained of about $285 million in an attack later linked to the same North Korean unit. The two attacks used structurally different methods: social engineering at Drift, and infrastructure poisoning at KelpDAO. Combined, the two incidents account for more than $575 million drained from DeFi in under three weeks.

What Has LayerZero Done Since The Attack?

LayerZero confirmed zero contagion to any other application on the protocol. Every OFT-standard token and application running multi-verifier setups was unaffected. The LayerZero Labs verifier is back online. The company also announced it will no longer sign messages for any application running a 1-of-1 DVN configuration, which effectively forces a protocol-wide migration off single-verifier setups.

Conclusion

The KelpDAO exploit was not a bug in LayerZero's code. It was a targeted infrastructure attack made possible by a single configuration decision: running a 1-of-1 verifier setup despite documented recommendations against it. Attackers, preliminarily attributed to North Korea's Lazarus Group, poisoned RPC nodes, forced a failover through a coordinated DDoS, and drained 116,500 rsETH before KelpDAO could pause its contracts. The downstream effects included over $13 billion in DeFi TVL wiped out in 48 hours, freezes across Aave, SparkLend, Fluid, and Lido, and a broader conversation about the gap between the security features cross-chain bridges offer and the features their integrators actually use.

Resources

  1. Lookonchain on X: Posts (April 18 - April 20)

  2. Report by CoinDesk: 2026's biggest crypto exploit: $292 million gets drained from Kelp DAO with wrapped ether stranded across 20 chains

  3. LayerZero on X: Post on April 20

  4. Report by The Block: Kelp DAO's rsETH bridge apparently exploited for roughly $292 million in LayerZero-based attack

  5. DeFiLlama portal: DeFi TVL data

Frequently Asked Questions

What is rsETH and why does it matter?

rsETH is a liquid restaking token issued by KelpDAO. When users deposit ETH, KelpDAO routes it through EigenLayer to earn additional yield on top of standard Ethereum staking rewards, and issues rsETH as a tradeable receipt. rsETH is used as collateral across many DeFi lending platforms, which is why a drain affecting its backing created knock-on effects across the broader ecosystem.

What is a 1-of-1 DVN configuration, and why was it a problem?

A DVN, or Decentralized Verifier Network, is the entity responsible for confirming that a cross-chain message is legitimate before a bridge acts on it. A 1-of-1 configuration means only one verifier needs to approve a message. If that single verifier's data can be manipulated, an attacker can forge a valid message. A multi-verifier setup requires consensus across several independent DVNs, so compromising one is not enough to push through a fraudulent transaction.

What does the KelpDAO exploit mean for LayerZero's other integrations?

LayerZero confirmed that no other application on its protocol was affected. Every integration running a multi-verifier setup remained secure. The attack exploited a configuration choice made by KelpDAO, not a bug in LayerZero's underlying protocol. LayerZero has since announced it will refuse to sign messages for any application still operating a 1-of-1 verifier configuration, pushing all integrators to adopt more secure setups.

Author

Soumen Datta

Soumen has been a crypto researcher since 2020 and holds a master’s in Physics. His writing and research have been published by publications such as CryptoSlate and DailyCoin, as well as BSCN. His areas of focus include Bitcoin, DeFi, and high-potential altcoins like Ethereum, Solana, XRP, and Chainlink. He combines analytical depth with journalistic clarity to deliver insights for both newcomers and seasoned crypto readers.
