- Lazarus Group leverages LayerZero integration to steal $290M from Kelp DAO
- Attackers compromised servers that verified cross-chain transactions, fed fake data to authorize fake transfers
- LayerZero and Kelp DAO dispute the blame
The infamous North Korean state-sponsored hacking group, Lazarus, has done it again. It successfully walked away with $290 million in cryptocurrency after apparently exploiting a decentralized autonomous organization called Kelp DAO through a solution called LayerZero.
Kelp DAO is an organization that does not have central management or a CEO. All decisions are made jointly by members who hold governance tokens and vote on proposals. It was designed to allow users to earn returns on inactive crypto investments.
LayerZero Labs, on the other hand, builds infrastructure that lets different blockchains communicate with each other. It is a vital part of the Web3 ecosystem as different currencies operate on isolated networks. The DAO used LayerZero as a “messaging layer” between different blockchains.
Shifting blame
The Lazarus Group apparently tricked the system by taking control of some of the servers used to verify transactions between blockchains. They then made the fake transactions look real by feeding fake data into the system and forcing it to trust the compromised servers, allowing them to steal the money.
After the incident, LayerZero took to X to explain what happened. In an in-depth report, it essentially said that the attackers exploited Kelp DAO’s setup.
“We have conducted an extensive review of active integrations on the LayerZero protocol. We can confidently confirm that there is no contagion to any other asset or application,” LayerZero said. “This incident was completely isolated to KelpDAO’s rsETH configuration as a direct consequence of their single-DVN setup.”
The Kelp DAO, on the other hand, disagreed with the characterization that the incident was solely the result of its configuration.
As the two organizations shift the blame around, Lazarus celebrates another successful heist. For years, the organization has exploited vulnerable Web3 projects, bridges and DAOs to steal funds and finance North Korea’s state apparatus and weapons programs.
Via TechCrunch