LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus
20 Apr 2026 · 05:01 UTC · CoinDesk RSS Feed · Original source
Read original at CoinDesk RSS Feed →
Summary
LayerZero has attributed a $290 million security exploit involving the Kelp protocol to North Korea's Lazarus Group. LayerZero states the breach resulted from improper setup and configuration in Kelp's system rather than flaws in LayerZero's core protocol. The incident represents a major security event in the DeFi bridge ecosystem and involves attribution to a state-sponsored threat actor.
Why it matters
Market impact mechanisms: (1) Direct losses triggering forced liquidations and withdrawals from affected protocols; (2) Contagion effects to other DeFi protocols using LayerZero infrastructure; (3) Risk revaluation across bridge protocols and DeFi ecosystem; (4) Broader crypto market risk-off sentiment as major infrastructure breach highlights vulnerabilities; (5) Potential regulatory action from Lazarus attribution. Altcoins show higher sensitivity because LayerZero is critical infrastructure for many cross-chain tokens. Bitcoin experiences lower direct impact but contagion through market-wide deleveraging. Timeframe dynamics show highest near-term altcoin impact (direct exposure) with Bitcoin's peak impact at daily timeframe (market-wide repricing). Attribution to Lazarus carries geopolitical significance as a designated threat actor. Key uncertainties include actual fund losses, protocol recovery mechanisms, regulatory scope, and whether concerns remain contained to bridges or spread sector-wide. CoinDesk source credibility of 9.5/10 is strong, though specific attribution claims require independent verification.
Expected impact
A $290 million exploit affecting LayerZero and Kelp protocols represents a significant security incident in cross-chain bridge infrastructure. LayerZero attributes the breach to North Korea's Lazarus Group and blames improper configuration in Kelp's setup. This incident will trigger immediate selling pressure in affected altcoins, particularly those relying on LayerZero infrastructure, causing sharp bearish moves across DeFi tokens. Bitcoin may experience indirect downward pressure through broader risk-off sentiment. The attribution to Lazarus introduces geopolitical dimensions and potential regulatory responses including OFAC designations. Over the near term, altcoin losses will be most pronounced due to direct exposure. Longer-term impacts depend on regulatory responses, protocol recovery efforts, and broader market confidence in bridge security. The incident reinforces concerns about centralized failure points in cross-chain infrastructure and may trigger wider reassessment of DeFi protocol security standards.