Somewhere in the wreckage of a $290 million theft, two of DeFi’s biggest infrastructure providers are pointing fingers at each other. The hack happened on Saturday. By Sunday, the blame war was already in full swing. And behind it all, the same North Korean hacking unit that has been terrorising crypto all month appears to have struck again.
On April 18, an attacker drained 116,500 rsETH tokens worth approximately $290 million from Kelp DAO’s cross-chain bridge, making it the largest DeFi exploit of 2026 and overtaking the $285 million Drift Protocol hack from April 1. The stolen tokens were deposited into lending protocols like Aave as collateral, used to borrow real ETH, and then laundered through Tornado Cash. Aave froze its rsETH markets. Its token dropped 22.9% over the weekend. DeFi’s total value locked fell 7% in 24 hours.
Now the question everyone is asking: whose fault was it?
LayerZero’s Version
LayerZero blamed the $290 million Kelp DAO exploit on Kelp’s decision to use a single-verifier configuration, despite prior warnings to adopt a multi-verifier setup.
Here is how the attack worked in plain language. LayerZero is the messaging system that lets different blockchains talk to each other. When Kelp’s bridge needs to move rsETH from one chain to another, LayerZero’s verifier checks that the transfer is legitimate. That verifier relies on servers called RPC nodes to read data from the blockchain.
Attackers compromised two of the RPC nodes that LayerZero’s verifier relied on, replacing their software with malicious versions designed to tell the verifier that a fraudulent transaction had occurred, while continuing to report accurate data to every other system. They then launched a DDoS attack against the clean nodes, forcing the verifier to rely on the poisoned ones.
Because Kelp was running a single verifier with no backup, there was nobody else to say “wait, that transaction never happened.” The forged message went through, the bridge released 116,500 rsETH, and the attacker walked away with $290 million.
“KelpDAO chose to utilize a 1/1 DVN configuration,” LayerZero wrote. “A properly hardened configuration would have required consensus across multiple independent DVNs, rendering this attack ineffective even in the event of any single DVN being compromised.”
LayerZero says it warned Kelp to use multiple verifiers. Kelp did not listen. End of story, according to LayerZero.
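The difference between the 1/1 setup and a multi-verifier quorum can be shown with a small simulation. This is an added example, not code from LayerZero or Kelp; the class names, node names, message IDs and the rule that a verifier trusts whichever of its RPC nodes still answer are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: placeholder message IDs, not values from the incident.
ON_CHAIN = {"msg-genuine"}          # messages the source chain really emitted
FORGED = "msg-forged"               # never emitted on the source chain

@dataclass
class RpcNode:                      # hypothetical model of one RPC node
    name: str
    poisoned: bool = False          # reports the forged message as real
    reachable: bool = True          # False models a node knocked offline by DDoS

    def has_message(self, msg_id):
        if not self.reachable:
            return None             # no answer at all
        return msg_id in ON_CHAIN or (self.poisoned and msg_id == FORGED)

@dataclass
class Dvn:                          # hypothetical model of one verifier (DVN)
    name: str
    nodes: list

    def attests(self, msg_id):
        # Assumption: the verifier uses whichever of its nodes still answer
        # and attests only if every answer says the message exists.
        answers = [a for a in (n.has_message(msg_id) for n in self.nodes)
                   if a is not None]
        return bool(answers) and all(answers)

def bridge_accepts(msg_id, dvns, threshold):
    """Accept a message only if at least `threshold` configured DVNs attest."""
    return sum(d.attests(msg_id) for d in dvns) >= threshold

def build_scenario():
    # dvn-a: two poisoned nodes, two clean nodes taken offline.
    dvn_a = Dvn("dvn-a", [RpcNode("a1", poisoned=True), RpcNode("a2", poisoned=True),
                          RpcNode("a3", reachable=False), RpcNode("a4", reachable=False)])
    # dvn-b and dvn-c: independent verifiers with their own honest nodes.
    dvn_b = Dvn("dvn-b", [RpcNode("b1"), RpcNode("b2")])
    dvn_c = Dvn("dvn-c", [RpcNode("c1"), RpcNode("c2")])
    return dvn_a, dvn_b, dvn_c

if __name__ == "__main__":
    a, b, c = build_scenario()
    for label, dvns, k in [("1/1", [a], 1), ("2/3", [a, b, c], 2)]:
        print(label, "forged accepted:", bridge_accepts(FORGED, dvns, k),
              "| genuine accepted:", bridge_accepts("msg-genuine", dvns, k))
```

In this model the 2-of-3 result holds only because dvn-b and dvn-c share no RPC nodes with dvn-a; verifiers that read from the same nodes would fail together.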
Kelp’s Version
Kelp sees it very differently.
Kelp DAO is disputing LayerZero’s account, claiming that the compromised single-verifier setup relied on LayerZero’s own infrastructure and defaults rather than an outlier configuration it chose against advice.
Kelp’s argument boils down to this: they are a staking protocol, not a cross-chain security firm. When they integrated with LayerZero, they followed LayerZero’s documentation and used the settings that LayerZero’s onboarding process provided. If those default settings were insecure, that is LayerZero’s problem, not Kelp’s.
Security researchers are also not buying LayerZero’s isolated framing. Yearn Finance core developer Artem K posted a technical review of LayerZero’s public deployment code and said that the reference setup ships with single-source verification defaults across every major chain, including Ethereum, BSC, Polygon, Arbitrum, and Optimism.
If true, that is a devastating detail. It means the insecure configuration that LayerZero is blaming Kelp for choosing was actually LayerZero’s own recommended starting point. Kelp did not go out of its way to weaken security. It used what it was given.
North Korea Is the Common Thread
LayerZero attributed the attack with preliminary confidence to North Korea’s Lazarus Group, specifically its TraderTraitor subunit.
This is the same unit that drained $285 million from Drift Protocol on April 1 using a completely different attack method: social engineering Drift’s governance signers rather than poisoning infrastructure. Lazarus Group has been linked to the Drift exploit on April 1 and now Kelp on April 18, meaning the same North Korean unit has drained more than $575 million from DeFi in 18 days through two structurally different attack vectors.
That adaptability is what makes Lazarus so dangerous. They are not running the same playbook twice. At Drift, they tricked humans into signing malicious transactions. At Kelp, they poisoned the servers that verify transactions. Two completely different entry points, both targeting the weakest link in each protocol’s chain of trust.
The Fallout
The Kelp DAO exploit has triggered a $10 billion outflow from Aave due to concerns over potential bad debt on the protocol. The total value locked across the DeFi sector fell 7% in the past 24 hours to $86 billion.
Dozens of DeFi protocols have frozen their LayerZero bridges out of caution, including Ethena, ether.fi, Tron DAO, and Curve Finance. LayerZero responded by announcing it will no longer sign messages for any project running a single-verifier setup, forcing a protocol-wide migration.
Curve Finance founder Michael Egorov said the incident illustrates the dangers of relying on singular verification authorities and advised the DeFi community to minimise cross-chain infrastructure usage unless strictly essential. Ledger CTO Charles Guillemet predicted 2026 will “most likely be the worst year in terms of hacks.”
The blame game between LayerZero and Kelp will continue. Lawyers will eventually sort out who was responsible. But for the 116,500 rsETH that is now sitting in an attacker’s wallet, the answer does not matter. The money is gone, and North Korea is $290 million richer.


















