Advertise
KelpDAO suffered a $290M exploit on April 18, 2026, after attackers used a highly targeted cross-chain message spoofing attack. According to post-incident analysis, North Korea’s Lazarus Group is the likely source. The attackers compromised and poisoned RPC nodes used by LayerZero’s DVN system, then triggered a DDoS to force failover to malicious nodes, allowing fake cross-chain messages to pass validation. The root issue was KelpDAO’s 1/1 DVN setup, which had no redundancy or backup verifiers. Only rsETH was affected, with no protocol-wide contagion, and infrastructure has since been replaced and secured.
Trust with CoinPedia:
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
Investment Disclaimer:
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored and Advertisements:
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
Yes 
No 
