KelpDAO Suffers $290 Million Heist Tied to Lazarus Hackers

North Korean state-sponsored Lazarus Group is the suspected actor behind a $290 million cryptocurrency theft from KelpDAO, a DeFi (decentralized finance) protocol, which occurred on Saturday. If confirmed, this would rank among the largest single crypto thefts attributed to Lazarus.

Lazarus has a well-documented pattern of targeting DeFi protocols and crypto exchanges to generate hard currency for DPRK’s sanctioned economy, with cumulative theft estimates now running into the billions of dollars. Technical details on the attack vector have not been confirmed in the feed summary.

Organizations with exposure to DeFi protocols or crypto custody should treat Lazarus-linked TTPs — including social engineering of developers, supply chain poisoning, and smart contract exploits — as live threat vectors and review their third-party dependency and wallet security posture.