The Protocol: Kelp DAO exploited for $292 million
CoinDesk
Kelp DAO suffered a $292 million exploit after attackers manipulated cross-chain messaging, impacting DeFi protocols like Aave.Summary
Kelp DAO, a liquid restaking protocol, was exploited for $292 million when an attacker drained 116,500 rsETH by manipulating LayerZero's cross-chain messaging infrastructure. The attacker forged valid transfer instructions, effectively creating unbacked tokens. The stolen assets were subsequently used as collateral on Aave to borrow significant amounts of ETH, potentially exposing Aave to up to $230 million in bad debt. Security experts suggest the incident, alongside other recent hacks, reflects an evolving strategy by North Korea-linked actors to exploit systemic assumptions rather than traditional software bugs.
(Source:CoinDesk)