LayerZero says Lazarus likely behind $292M Kelp DAO exploit that sparked $10B Aave exodus

What happened

Kelp DAO was hit by a roughly $292 million exploit on April 18, and the shockwaves were immediate. It has been reported that LayerZero — a cross‑chain messaging protocol that helped trace the incident — believes North Korea‑linked hacking group Lazarus is likely behind the attack. The finding, if true, would add another high‑profile crypto theft to a long list of alleged Lazarus operations.

The fallout

The exploit didn’t stay isolated. It has been reported that the incident triggered about $10 billion in outflows from Aave as users and liquidity providers scrambled to withdraw assets amid fears of bad debt and contagion across lending markets. Panic drives moves faster than facts in crypto; in this case, the market’s reflex was to dash for the exits, leaving protocols to iron out potential insolvency risks.

Why it matters

Allegations of state‑linked attackers operating in decentralized finance raise the political and security stakes. Is this just another big loss, or the start of a coordinated campaign to weaponize on‑chain finance? Either way, the episode exposes how fragile cross‑chain plumbing and market confidence can be when hundreds of millions move in minutes. For now, forensics and recovery efforts are underway — and the industry is left picking up the pieces and asking how to stop the next one.

Sources: theblock.co