Kelp DAO Hack Attributed to Lazarus Group; eth.limo Domain Hijacked via Social Engineering


Gate News message, April 20 — LayerZero released preliminary findings on the Kelp DAO exploit that occurred on April 18, attributing the attack to a highly sophisticated state-backed threat actor, likely North Korea’s Lazarus Group subgroup known as TraderTraitor. The incident resulted in the loss of 116,500 rsETH tokens worth approximately $292 million, marking the largest DeFi exploit this year.

According to LayerZero’s investigation, attackers gained access to the list of RPC nodes used by LayerZero Labs’ decentralized verifier network (DVN), a system of independent entities responsible for validating cross-chain messages. Two nodes were poisoned to transmit a fraudulent message, while attackers simultaneously launched a distributed denial-of-service attack against uncompromised nodes. The forged message was accepted because Kelp DAO configured its bridge using a single 1-of-1 DVN setup with no secondary verifier to detect or reject the fraudulent transaction. LayerZero had previously advised Kelp DAO to diversify its DVN configuration. In response, LayerZero announced it will no longer sign messages for applications using 1/1 DVN configurations and is cooperating with law enforcement to track the stolen funds.
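The effect of the verifier threshold described above can be shown with a small model. This is an added example, not LayerZero or Kelp DAO code: the classes, node names, message hashes and the rule that a verifier attests when every RPC node it can still reach reports the message are all assumptions made for illustration. It also flags verifiers that share RPC nodes, which goes slightly beyond the 1-of-1 case in the article.

```python
from dataclasses import dataclass

@dataclass
class RpcNode:
    name: str
    seen: frozenset          # message hashes this node claims exist on the source chain
    reachable: bool = True   # False models an honest node taken offline by DDoS

@dataclass
class Dvn:
    name: str
    rpc_nodes: list

    def attests(self, msg: str) -> bool:
        # Modelling assumption: a DVN attests when every RPC node it can still
        # reach reports the message; with no reachable node it fails closed.
        live = [n for n in self.rpc_nodes if n.reachable]
        return bool(live) and all(msg in n.seen for n in live)

def accepted(msg: str, dvns: list, threshold: int) -> bool:
    """The bridge accepts a message once `threshold` configured DVNs attest."""
    return sum(d.attests(msg) for d in dvns) >= threshold

def audit(dvns: list, threshold: int) -> list:
    """Return findings for configurations where one compromise decides the outcome."""
    findings = []
    if threshold < 2:
        findings.append(f"{threshold}-of-{len(dvns)}: a single attestation is sufficient")
    names = [n.name for d in dvns for n in d.rpc_nodes]
    shared = sorted({x for x in names if names.count(x) > 1})
    if shared:
        findings.append(f"DVNs share RPC nodes {shared}: verifiers are not independent")
    return findings

# Constructed scenario: two poisoned nodes report a forged message, the honest
# node behind the same DVN is unreachable, and a second DVN uses separate nodes.
REAL, FORGED = "0xaaa", "0xbad"
dvn_a = Dvn("dvn-a", [RpcNode("rpc-1", frozenset({REAL, FORGED})),
                      RpcNode("rpc-2", frozenset({REAL, FORGED})),
                      RpcNode("rpc-3", frozenset({REAL}), reachable=False)])
dvn_b = Dvn("dvn-b", [RpcNode("rpc-4", frozenset({REAL})),
                      RpcNode("rpc-5", frozenset({REAL}))])

if __name__ == "__main__":
    print("1-of-1 accepts forged:", accepted(FORGED, [dvn_a], 1))         # True
    print("2-of-2 accepts forged:", accepted(FORGED, [dvn_a, dvn_b], 2))  # False
    print("2-of-2 accepts real:  ", accepted(REAL, [dvn_a, dvn_b], 2))    # True
    print("audit 1-of-1:", audit([dvn_a], 1))
```

In this model a second verifier only helps when it reads from RPC nodes the first one does not use; two verifiers behind the same poisoned nodes attest together.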

Separately, Ethereum Name Service gateway eth.limo disclosed that the hijacking of its domain on Friday, April 18, was caused by a social engineering attack targeting its service provider, easyDNS. An attacker impersonated an eth.limo team member and initiated an account recovery process, gaining access to the eth.limo account and modifying DNS settings to redirect traffic to Cloudflare-controlled infrastructure. The platform serves approximately two million decentralized websites using the .eth domain system. However, the Domain Name System Security Extensions (DNSSEC) limited the damage by adding cryptographic verification to DNS records; because the attacker lacked the required signing keys, many DNS resolvers rejected the manipulated records, preventing malicious redirects. EasyDNS CEO Mark Jeftovic acknowledged the breach as the first successful social engineering attack against an easyDNS client in the company’s 28-year history and stated that the company is implementing security improvements to prevent similar incidents.
