In April 2026, Kelp DAO, a liquid restaking protocol, was the victim of the largest DeFi hack of 2026 to date. The attacker stole an estimated $292 million using a combination of compromised infrastructure and a distributed denial-of-service (DDoS) attack.
Inside the Attack
The root cause of the Kelp DAO hack was Kelp's 1-of-1 verifier configuration for inbound messages on the cross-chain LayerZero protocol: a single node was responsible for checking each message before funds were released. As a result, the attacker only had to trick that one verifier into approving a massive, fake transaction.
The attackers didn't attempt to compromise the verifier itself. Instead, they targeted the remote procedure call (RPC) nodes that act as the verifier's data source. By compromising two of these nodes, they were able to inject fake, malicious messages that appeared to have arrived via the LayerZero protocol.
However, Kelp DAO used other RPC nodes that the attacker couldn't access and that would contradict the attacker's version of events. To remove this conflicting evidence, they launched a DDoS attack that knocked those RPC nodes offline, forcing a failover to the attacker-controlled nodes. As a result, the verifier treated the malicious RPC nodes as the sole source of truth for inbound LayerZero messages.
Next, the attacker introduced a fake cross-chain message into the data served by the compromised RPC nodes. The verifier inspected it and authorized the release of 116,500 rsETH from the Kelp cross-chain bridge to attacker-controlled accounts. Once the funds were out, the malware installed on the infected RPC nodes deleted itself and the local log files to help cover the attacker's tracks.
The rsETH stolen by the attacker represented approximately 18% of the token's total circulating supply. The attacker used these stolen tokens as collateral for loans on various platforms, allowing them to convert the stolen tokens into other cryptocurrencies while leaving the lenders holding the stolen collateral. As a result, several platforms, including Aave, SparkLend, and Fluid, froze their rsETH markets to avoid accumulating additional bad debt. Additionally, over $13 billion in total value locked (TVL) left various platforms in the two days following the hack, an outflow linked to the incident.
The Kelp DAO attack has been attributed to North Korea's Lazarus Group. The Lazarus Group has been behind some of the most significant and expensive attacks in Web3 to date, using a variety of sophisticated methods to perform highly targeted attacks.
Lessons Learned from the Attack
The Kelp DAO hack demonstrates the risks of centralizing critical roles in Web3. Despite earlier warnings, Kelp DAO used a 1-of-1 verifier system to check and approve cross-chain messages.
The attackers took advantage of this by placing the verifier in an echo chamber they controlled: forcing every RPC node offline except the two they had compromised allowed them to forge messages that resulted in an estimated $292 million in losses.
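To make the failure mode described above concrete, here is an added example (not Kelp DAO's, LayerZero's or the attacker's code) that models a verifier fed by several RPC sources: one policy fails over to whichever node still answers, the other requires a K-of-N quorum in which an unreachable source never counts as agreement. Node names, message fields and each node's "view" of the source chain are constructed for illustration.

```python
# Added example (not Kelp DAO's, LayerZero's or the attacker's code); all node
# names, message fields and node "views" below are constructed.
import hashlib
from dataclasses import dataclass, field

def fingerprint(msg: dict) -> str:
    # Hash a canonical serialisation so sources are compared by content.
    raw = "|".join(f"{k}={msg[k]}" for k in sorted(msg))
    return hashlib.sha256(raw.encode()).hexdigest()

@dataclass
class RpcNode:
    name: str
    online: bool = True
    view: dict = field(default_factory=dict)  # (src_chain, nonce) -> message
    def lookup(self, key):
        if not self.online:
            raise ConnectionError(f"{self.name} unreachable")
        return self.view.get(key)

def verify_failover(nodes, key, claimed) -> bool:
    """Vulnerable pattern: trust whichever node answers first."""
    for n in nodes:
        try:
            seen = n.lookup(key)
        except ConnectionError:
            continue  # fail over to the next node, whoever operates it
        return seen is not None and fingerprint(seen) == fingerprint(claimed)
    return False

def verify_quorum(nodes, key, claimed, k: int):
    """Require k independent sources to confirm the same message; unreachable
    sources never count, so a DDoS fails closed. Returns (approved, agreeing)."""
    target, agreeing = fingerprint(claimed), 0
    for n in nodes:
        try:
            seen = n.lookup(key)
        except ConnectionError:
            continue  # no vote from an offline source
        if seen is not None and fingerprint(seen) == target:
            agreeing += 1
    return agreeing >= k, agreeing

def attack_scenario():
    """Constructed replay: honest nodes DDoSed offline, compromised nodes serve a forgery."""
    forged = {"src": "A", "dst": "B", "nonce": 42, "amount": 116500, "to": "0xATTACKER"}
    key = ("A", 42)
    nodes = [RpcNode(f"honest-{i}", online=False) for i in range(3)]
    nodes += [RpcNode(f"bad-{i}", view={key: forged}) for i in range(2)]
    return verify_failover(nodes, key, forged), verify_quorum(nodes, key, forged, k=3)
```

In the replay, the failover policy approves the forged message while the 3-of-5 quorum rejects it with only two agreeing sources, a count the verifier can also raise as a degradation alert rather than silently continuing.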
Decentralization is a critical security best practice in the Web3 space, designed to help protect against compromised accounts and systems. For security advisory and auditing services designed to protect your organization against similar threats, get in touch.
