LayerZero xác nhận vụ tấn công KelpDAO chỉ ảnh hưởng đến cấu hình rsETH

The Huoxing Finance report states that LayerZero Labs issued a statement regarding the attack, indicating that KelpDAO suffered losses of approximately $290 million. The initial assessment identifies the attacker as Lazarus Group, with ties to North Korea (specifically TraderTraitor). The attack was executed by poisoning the downstream RPC infrastructure upon which KelpDAO’s decentralized verification network (DVN) relies; the attackers controlled certain RPC nodes and combined this with DDoS attacks to induce the system to switch to malicious nodes, thereby forging cross-chain transactions. All affected RPC nodes have been taken offline and replaced, and the DVN has now resumed operations. LayerZero emphasized that this incident was limited solely to KelpDAO’s rsETH application configuration and did not impact any other assets or applications. The reason lies in KelpDAO’s use of a single DVN (1/1) architecture at the time, failing to adopt the multi-DVN redundancy mechanism long recommended by LayerZero, resulting in a lack of independent verification nodes capable of detecting forged messages. LayerZero noted that its protocol itself had no vulnerabilities, and applications configured with multiple DVNs were unaffected, with no systemic contagion risk. LayerZero stated it will urge all projects using single-DVN configurations to migrate to multi-DVN architectures as soon as possible and has suspended signature and verification services for 1/1-configured applications. Meanwhile, the company is collaborating with global law enforcement agencies to investigate and assisting industry partners in tracking the stolen funds. LayerZero stated that this incident underscores the value of a modular security architecture while also reminding the industry to remain vigilant about potential security risks in RPC verification pathways.