LayerZero published its full post-mortem report on April 20, 2026, revealing the complete technical architecture of the KelpDAO exploit and attributing it with preliminary confidence to North Korea’s Lazarus Group, specifically the TraderTraitor subunit that has been active across multiple DeFi attacks in 2026. The post-mortem changes the understanding of what happened on April 18. The exploit was not a minting flaw in the conventional sense. It was an infrastructure poisoning attack: Lazarus Group identified the specific remote procedure call nodes that LayerZero’s verifier relied on, replaced the binary software running on those nodes with malicious versions, and used those compromised nodes to convince LayerZero that fraudulent transactions were legitimate while keeping every other monitoring system in the dark.
Key Highlights
- LayerZero’s April 20, 2026 post-mortem attributes the KelpDAO exploit to Lazarus Group’s TraderTraitor subunit with preliminary confidence
- Attackers compromised two RPC nodes in LayerZero’s verification infrastructure and replaced the binary software with malicious versions
- The malicious nodes confirmed fraudulent transactions to LayerZero’s verifier while reporting accurate data to all other monitors
- KelpDAO used a single-verifier (1-of-1 DVN) configuration that LayerZero had previously warned against in writing
- The same Lazarus unit was linked to the Drift Protocol exploit on April 1, bringing combined losses to $577 million in 18 days
- LayerZero’s core protocol was not compromised. The vulnerability was in KelpDAO’s specific infrastructure configuration.
The Attack Was Designed to Be Invisible
The most technically significant detail in LayerZero’s post-mortem is not the amount stolen but the attack’s evasion design. The Lazarus Group did not find a bug in LayerZero’s code. They found a configuration they could manipulate and built a specifically engineered deception around it. The two compromised RPC nodes were configured to tell LayerZero’s verifier that the fraudulent transactions were valid, while continuing to report accurate data to every other system querying those same nodes from different IP addresses.
This selective deception was engineered to keep the attack invisible to LayerZero’s own monitoring infrastructure. When LayerZero’s operations team queries the network nodes to check for anomalies, they use the same RPC endpoints but from different IP addresses. The malicious binary on the compromised nodes was programmed to recognise LayerZero’s monitoring IP addresses and return accurate data to those requests while returning fraudulent confirmations to the verifier’s specific request pattern. Only the verifier was deceived. Everything else looked normal. The attack ran for 46 minutes before circuit breakers halted it. The original KelpDAO exploit report identified 116,500 rsETH tokens drained, but the post-mortem explains why the monitoring systems failed to catch it in real time.
The Single-Verifier Configuration KelpDAO Ignored
LayerZero’s post-mortem places significant responsibility on KelpDAO for the outcome, even as it acknowledges the sophistication of the attack. LayerZero uses a Decentralised Verification Network system where cross-chain message verification can be configured with multiple independent verifiers. A 2-of-3 or 3-of-5 DVN configuration requires that multiple independent verifiers confirm a message before it is accepted. KelpDAO’s bridge was configured with a single verifier: a 1-of-1 setup. Compromising one verifier was sufficient to authenticate any transaction.
LayerZero states in the post-mortem that it had communicated to KelpDAO in writing that the 1-of-1 DVN configuration was insufficiently secure for a bridge holding hundreds of millions of dollars in assets. That written warning predates the attack. KelpDAO had not migrated to a multi-verifier configuration. LayerZero is explicit that the vulnerability was not in its protocol but in the specific configuration choices made by KelpDAO’s technical team. This distinction matters for how responsibility is assigned and how the DeFi industry responds. The protocol can be secure while a specific deployment of that protocol remains vulnerable to exactly the attack that occurred. The broader DeFi security crisis in April has produced $577 million in losses through two structurally different attack vectors in 18 days.
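The quorum arithmetic behind the 1-of-1 versus 2-of-3 distinction is easy to model. The following is an added illustration written for this article, not LayerZero's or KelpDAO's code: it models verifiers that attest to a cross-chain message only if they saw it emitted through their own RPC path, with one verifier whose path is poisoned (modelled as attesting to anything). The verifier names, the message fields and the `compromised` flag are assumptions of the demo.

```python
"""Toy M-of-N verifier quorum for a cross-chain message.

Constructed illustration for this article; not LayerZero's or KelpDAO's code.
Verifier names, the Message fields and the `compromised` flag are assumptions.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Message:
    src_chain: str
    nonce: int
    payload_hash: str  # constructed hex digest of the message payload


@dataclass
class Verifier:
    name: str
    # (src_chain, nonce, payload_hash) tuples this verifier really saw emitted
    # on the source chain through its own, independently operated RPC path
    observed: set = field(default_factory=set)
    # a verifier whose RPC path is poisoned will attest to messages that were
    # never emitted; modelled here as an unconditional "yes"
    compromised: bool = False

    def attest(self, msg: Message) -> bool:
        if self.compromised:
            return True
        return (msg.src_chain, msg.nonce, msg.payload_hash) in self.observed


def verify(msg: Message, verifiers: list, threshold: int):
    """Accept `msg` only when at least `threshold` distinct verifiers attest.

    Returns (accepted, names_of_attesting_verifiers).
    """
    if not 1 <= threshold <= len(verifiers):
        raise ValueError("threshold must be between 1 and the number of verifiers")
    if len({v.name for v in verifiers}) != len(verifiers):
        raise ValueError("verifiers must be distinct")
    attesting = [v.name for v in verifiers if v.attest(msg)]
    return len(attesting) >= threshold, attesting


def min_compromised_to_forge(threshold: int) -> int:
    """Verifiers an attacker must control to push a forged message through
    an M-of-N quorum: exactly M. With M = 1 a single poisoned RPC path suffices."""
    return threshold


def demo() -> dict:
    # constructed sample: one genuine deposit message and one forgery
    genuine = Message("ethereum", 41, "0x" + "ab" * 32)
    forged = Message("ethereum", 42, "0x" + "cd" * 32)

    # verifier A's RPC path is poisoned; B and C run independent infrastructure
    a = Verifier("A", compromised=True)
    b = Verifier("B", observed={("ethereum", 41, genuine.payload_hash)})
    c = Verifier("C", observed={("ethereum", 41, genuine.payload_hash)})

    single_forged, _ = verify(forged, [a], 1)          # 1-of-1: A alone decides
    quorum_forged, who = verify(forged, [a, b, c], 2)  # 2-of-3: A is outvoted
    quorum_genuine, _ = verify(genuine, [a, b, c], 2)  # 2-of-3 still passes real traffic
    return {
        "1of1_forged_accepted": single_forged,
        "2of3_forged_accepted": quorum_forged,
        "2of3_forged_attesters": who,
        "2of3_genuine_accepted": quorum_genuine,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The model only helps if the verifiers are genuinely independent: three verifiers that all read the same two RPC nodes collapse back into a 1-of-1 configuration from the attacker's point of view, which is why the post-mortem's recommendation is multiple verifiers operated by independent organisations, not merely a higher threshold.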
TraderTraitor: North Korea’s Most Prolific DeFi Attacker
TraderTraitor is the subunit of Lazarus Group that specialises in attacks on cryptocurrency infrastructure. The FBI identified TraderTraitor as the group responsible for the 2022 Ronin bridge hack that drained $625 million and the 2023 Atomic Wallet exploit that drained $100 million. In 2026, TraderTraitor has been linked to both the Drift Protocol social engineering attack on April 1 and now the KelpDAO RPC node poisoning on April 18. The combined losses across those two attacks total $577 million.
The two attacks represent a notable evolution in TraderTraitor’s operational approach. The Drift attack used social engineering against human key holders, compromising Drift’s Security Council through deception. The KelpDAO attack used infrastructure compromise against automated verification systems, bypassing humans entirely. Operating both attack vectors simultaneously, across two different protocols, in the same 18-day window, suggests a group with significant resources, advance intelligence gathering on target infrastructure, and the ability to execute complex technical operations concurrently. The US Department of Justice has previously sanctioned entities connected to TraderTraitor. No arrests have been made in connection with the 2026 attacks. North Korea’s Lazarus Group has stolen an estimated $3 billion from crypto protocols since 2017, making it the single most prolific threat actor in blockchain security history.
What Changes After the Post-Mortem
The LayerZero post-mortem has practical implications for every protocol using cross-chain messaging infrastructure. The specific recommendations that emerge from the KelpDAO analysis are: move to multi-verifier DVN configurations with verifiers operated by independent organisations, implement IP-based anomaly detection that can identify when the same RPC endpoint is returning different responses to different requestors, and establish operational security protocols for the physical and software security of infrastructure nodes that verifiers depend on.
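The second recommendation, detecting when one RPC endpoint answers different requestors differently, can be sketched as a cross-vantage consistency check. The following is an added example written for this article, not LayerZero's monitoring code. It simulates an honest node and a poisoned node of the kind the post-mortem describes (truthful to everyone except the verifier's request pattern), then issues the same `eth_getTransactionReceipt` query from the verifier's vantage and from probe vantages and groups requesters by a digest of what they received. The IP addresses, transaction hashes and receipt shapes are constructed for the demo.

```python
"""Cross-vantage consistency check for an RPC endpoint.

Constructed illustration for this article; not LayerZero's monitoring code.
The simulated nodes, IP addresses, transaction hashes and receipt shapes
are all made up for the demo.
"""
import hashlib
import json

VERIFIER_IP = "10.0.0.5"                 # verifier's fixed egress address (assumed)
MONITOR_IPS = {"10.0.1.7", "10.0.1.8"}   # ops-team monitoring addresses (assumed)

# constructed source-chain truth: the only transaction that really exists
TRUE_RECEIPTS = {
    "0x" + "11" * 32: {"status": "0x1", "blockNumber": "0x10", "logs": ["Deposit(100)"]},
}
# a transaction that was never mined; the poisoned node "confirms" it to the verifier
PHANTOM_TX = "0x" + "22" * 32


def honest_rpc(method, params, requester_ip):
    """Simulated honest node: the same answer for every requester."""
    if method == "eth_getTransactionReceipt":
        return TRUE_RECEIPTS.get(params[0])  # None when the tx does not exist
    raise ValueError("unsupported method in demo")


def poisoned_rpc(method, params, requester_ip):
    """Simulated poisoned node, modelled on the selective deception the
    post-mortem describes: truthful to everyone except the verifier."""
    if (method == "eth_getTransactionReceipt"
            and params[0] == PHANTOM_TX
            and requester_ip == VERIFIER_IP):
        return {"status": "0x1", "blockNumber": "0x11", "logs": ["Deposit(116500)"]}
    return honest_rpc(method, params, requester_ip)


def digest(response) -> str:
    """Canonical short hash of a JSON-RPC result so responses can be compared."""
    canon = json.dumps(response, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()[:16]


def cross_vantage_check(rpc, method, params, verifier_ip, probe_ips):
    """Issue the same query from the verifier's vantage and each probe vantage,
    then group requesters by the digest of what they received.

    Returns (divergent, {digest: sorted requester IPs}). One group means the
    endpoint is consistent; more than one means it answers different
    requesters differently for the same query, which is the alert condition.
    """
    groups = {}
    for ip in [verifier_ip, *probe_ips]:
        groups.setdefault(digest(rpc(method, params, ip)), []).append(ip)
    groups = {d: sorted(ips) for d, ips in groups.items()}
    return len(groups) > 1, groups


def run_demo() -> dict:
    probes = sorted(MONITOR_IPS)
    method = "eth_getTransactionReceipt"
    poisoned_div, poisoned_groups = cross_vantage_check(
        poisoned_rpc, method, [PHANTOM_TX], VERIFIER_IP, probes)
    honest_div, _ = cross_vantage_check(
        honest_rpc, method, [PHANTOM_TX], VERIFIER_IP, probes)
    real_tx = next(iter(TRUE_RECEIPTS))
    real_div, _ = cross_vantage_check(
        poisoned_rpc, method, [real_tx], VERIFIER_IP, probes)
    return {
        "poisoned_node_divergent": poisoned_div,       # True: verifier got a different answer
        "poisoned_node_groups": poisoned_groups,
        "honest_node_divergent": honest_div,           # False: everyone agrees
        "poisoned_node_real_tx_divergent": real_div,   # False: deception is selective
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The caveat the post-mortem makes plain is that probes alone are not enough: the malicious binary recognised the monitoring addresses and answered them truthfully, so two monitoring probes comparing only with each other would never disagree. The check above only fires because the verifier's own vantage is in the comparison set. In a real deployment that means the verifier records a digest of every response it acts on and the monitoring side compares that record against independent nodes, rather than re-querying from monitoring addresses and assuming the verifier saw the same thing.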
None of these recommendations are new to the security research community. All of them require engineering investment and operational discipline that not every DeFi protocol maintains. The speed with which capital flows into new DeFi protocols, many of which deploy complex cross-chain infrastructure with minimal security hardening, continues to outpace the adoption of the security practices that would prevent attacks like KelpDAO. DeFi lost $168.6 million in the whole of Q1 2026. April has already shattered that figure. The post-mortem explains exactly why. Whether it changes behaviour across the industry is the question that will determine what May looks like. The wXRP Solana launch via LayerZero Core, announced within 24 hours of the post-mortem, has put additional pressure on every LayerZero-dependent product to clearly communicate its DVN configuration to users.
The TCB View
The KelpDAO post-mortem is the most technically detailed account of a North Korean crypto attack published in the current cycle, and it deserves to be read as infrastructure doctrine rather than incident history. The attack was not clever in the sense of being unpredictable. It was clever in the sense of being a precision operation against a known configuration weakness that LayerZero had explicitly flagged. KelpDAO chose not to address the warning. Lazarus Group chose to exploit it. The lesson is not that LayerZero is unsafe. The lesson is that configuring bridge infrastructure with a single point of failure and then deploying hundreds of millions of dollars through it is not a risk calculation that ends well when North Korean state actors are actively hunting for exactly that configuration. The post-mortem names the vulnerability. The industry now knows what to fix. The question is whether the fixing happens before the next $292 million disappears.