Nearly $290 million in cryptocurrency was stolen after North Korean-linked hackers known as TraderTraitor (part of the Lazarus operation) exploited a single-verifier setup tied to Kelp and LayerZero, minting fake rsETH and using it as collateral to drain funds. LayerZero blamed Kelpβs single-DVN configuration, said it will block single-verifier integrations, and affected platforms like Aave and law enforcement are involved in assessing responses. #TraderTraitor #Lazarus #LayerZero #Kelp #rsETH #Aave
Keypoints
- $290 million was stolen after attackers minted fraudulent rsETH and used it to borrow real assets.
- LayerZero says the compromise exploited Kelpβs single Decentralized Verifier Network (DVN) configuration.
- Security teams attribute the operation to North Koreaβs TraderTraitor within the Lazarus group.
- Attackers used DDoS and self-destructing tools to disable backups and evade detection.
- LayerZero will stop approving single-DVN integrations while Aave and other platforms assess remediation.
Read More: https://therecord.media/crypto-north-korea-theft-kelp