LayerZero reported that early indicators suggest the involvement of the Lazarus Group in a major exploit targeting KelpDAO, resulting in estimated losses of approximately $290 million.
According to preliminary analysis, the attack was executed באמצעות a sophisticated “RPC poisoning” technique, which targets communication infrastructure between users and blockchain networks, enabling attackers to manipulate transmitted data and exploit vulnerabilities.
In its official statement, LayerZero confirmed that investigations are ongoing, while emphasizing that there is no evidence of contagion affecting other cross-chain assets or applications, limiting broader systemic risk within the crypto ecosystem.
This incident comes amid a rising wave of cyberattacks linked to organized groups, particularly those allegedly backed by nation-states, highlighting the growing need for robust infrastructure security across the decentralized finance (DeFi) sector.