North Korean hackers, Lazarus, have reportedly walked away with $290 million in a large crypto theft. The group has reportedly exploited a Decentralized Autonomous Organization called Kelp DAO through a solution called LayerZero. The hack is apparently the largest crypto theft of the year so far, surpassing the $285 million Drift exchange hack in April.
North Korean hackers Lazarus linked to $290M Crypto theft
For context, Kelp DAO is an organization that doesn’t have central management or a CEO. The decisions are taken collectively by members who hold governance tokens and vote on proposals. It allows users to earn yields on idle crypto investments. LayerZero Labs, on the other hand, builds infrastructure that lets different blockchains communicate with each other. It’s an important part of the Web3 ecosystem since different currencies operate on isolated networks. The Kelp DAO used LayerZero as a “messaging layer” between different blockchains.
The Lazarus group tricked the system by taking control of some servers that help verify transactions between blockchains. By controlling those servers, they fed fake data into the system and made fraudulent transactions appear legitimate, letting them steal funds.
The group tricked the system
LayerZero, after the incident, took to X to explain what happened. It basically noted that the attackers exploited Kelp DAO’s setup. “We have conducted a comprehensive review of active integrations on the LayerZero protocol. We can confirm with confidence that there is zero contagion to any other asset or application. This incident was isolated entirely to KelpDAO’s rsETH configuration as a direct consequence of their single-DVN setup,” LayerZero said.
Meanwhile, Kelp DAO disagreed that the incident was because of its configuration. While the blame shifts between sides, Lazarus pulled off another successful heist. The organization has exploited vulnerable Web3 projects, bridges, and DAOs for years to steal funds and finance North Korea’s programs.
The post North Korea’s Lazarus Steals $290M in Large Crypto Heist appeared first on Android Headlines.
