GoKawiilIn Brief
Over the weekend, hackers stole more than $290 million in cryptocurrency from Kelp DAO, a protocol that allows users to earn yields on idle crypto investments.
By Monday, LayerZero, one of the projects affected by the hack, accused North Korea of carrying out the heist. The hack is now the largest crypto theft of the year so far, following an earlier hack at crypto exchange Drift in April that netted hackers around $285 million.
Per its post on X, LayerZero said the hackers exploited Kelp DAO via its LayerZero bridge, which allows different blockchains to send instructions to each other. The hackers then took advantage of Kelp’s own security configuration, which did not require multiple verifications before approving transactions. That allowed the hackers to siphon off the funds with fraudulent transactions.
The company cited “preliminary indicators” that point to North Korea as the culprit, in particular its hacking group that targets crypto known as TraderTraitor.
Kelp DAO responded to LayerZero blaming it for the theft instead.
In the last few years, North Korean hackers working for Kim Jong Un’s regime have become highly successful at stealing crypto. Last year, North Korean hackers stole more than $2 billion in crypto. Overall, since 2017, the total amount of stolen crypto by North Korea is said to be around $6 billion.