LayerZero releases KelpDAO attack incident report: North Korean hacker group implicated, and security strategy will be adjusted.

ME News, May 20 (UTC+8): LayerZero Labs has released its latest incident report, stating that on April 18, 2026, the KelpDAO rsETH cross-chain bridge built on its cross-chain communication protocol was attacked, with approximately 116,500 rsETH (about $292 million) stolen. Multiple security agencies including Mandiant, CrowdStrike, and independent researchers attributed the attack to the North Korean-linked hacker group TraderTraitor (UNC4899).

The report shows that the attack began on March 6, 2026. The attackers infiltrated LayerZero developer accounts through social engineering, obtained session keys, penetrated the RPC cloud environment, then contaminated internal RPC node data and manipulated the returned results to deceive monitoring systems and the Decentralized Verification Network (DVN). Subsequently, the attackers launched a denial-of-service attack against external RPC providers, causing the verification system to rely on the compromised nodes and generate forged cross-chain proofs, which allowed them to withdraw the funds.

LayerZero pointed out that the core vulnerability was the affected application's "single-verifier" configuration, under which the target contract released assets upon receiving only one valid signature, leading to the theft of the rsETH.

After the incident, LayerZero Labs announced adjustments to its security policies: its own DVN will no longer be allowed to be the sole signing party in a single-verifier configuration, and it is rebuilding the affected cloud infrastructure and introducing short-term credentials, immediate permission upgrades, and multi-party approval mechanisms to enhance security. Additionally, zeroShadow and law enforcement agencies have joined the investigation and asset tracking, and LayerZero stated that it will continue to strengthen cross-chain security systems with ecosystem partners to address increasingly complex state-level attack threats. (Source: ODAILY)
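A simplified model of the two weak points the report names, added here as an illustration and not LayerZero's or KelpDAO's code: a verifier that falls back to whatever RPC node is still reachable, and a destination check that accepts a single signature. The verifier names (`dvn_a`, `dvn_b`, `dvn_c`), the `min_sources` and `threshold` parameters, and the payloads are all constructed assumptions.

```python
import hashlib
from collections import Counter

# Constructed sample data: what an RPC endpoint reports for the source chain.
REAL = b"nonce=41: no pending rsETH release"
FORGED = b"nonce=42: release rsETH to attacker-controlled address"

def h(payload):
    return hashlib.sha256(payload).hexdigest()

def attest(rpc_answers, min_sources):
    """Hash a verifier will sign, or None when it must fail closed.

    rpc_answers: RPC name -> payload bytes, or None if that provider is unreachable.
    """
    live = [h(p) for p in rpc_answers.values() if p is not None]
    if len(live) < min_sources:
        return None                      # too few independent views left
    value, votes = Counter(live).most_common(1)[0]
    return value if votes == len(live) else None   # any disagreement also fails closed

def accepted(attestations, verifiers, threshold, claimed):
    """Destination-side check: enough distinct configured verifiers signed `claimed`."""
    signers = {v for v, got in attestations.items() if v in verifiers and got == claimed}
    return len(signers) >= threshold

def forged_message_accepted(min_sources, verifiers, threshold):
    views = {
        # dvn_a: internal node returns manipulated data, external providers are offline
        "dvn_a": {"internal": FORGED, "external_1": None, "external_2": None},
        # dvn_b, dvn_c: hypothetical independent operators with an untouched view
        "dvn_b": {"own_1": REAL, "own_2": REAL},
        "dvn_c": {"own_1": REAL, "own_2": REAL},
    }
    attestations = {name: attest(rpcs, min_sources) for name, rpcs in views.items()}
    return accepted(attestations, verifiers, threshold, h(FORGED))

if __name__ == "__main__":
    all_three = {"dvn_a", "dvn_b", "dvn_c"}
    print("1-of-1, falls back to one RPC:", forged_message_accepted(1, {"dvn_a"}, 1))
    print("1-of-1, RPC quorum of 2:      ", forged_message_accepted(2, {"dvn_a"}, 1))
    print("2-of-3, falls back to one RPC:", forged_message_accepted(1, all_three, 2))
```

Either control alone blocks the forged message in this model: the verifier refuses to sign when fewer than two sources answer, or the destination requires a second independent signature that the attacker does not control.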