LayerZero Confirms $290M KelpDAO Exploit Tied to RPC Attack

• Attack used poisoned RPC nodes to manipulate LayerZero DVN, enabling fake transaction validation without breaching core protocol systems.
• KelpDAO’s single-verifier setup created a critical failure point, allowing attackers to exploit rsETH without multi-layer validation safeguards.
• LayerZero restored systems, dropped risky configs, and works with authorities as industry reviews infrastructure security and RPC dependencies.

A $290 million exploit struck KelpDAO on April 18, 2026, after attackers manipulated infrastructure tied to LayerZero, according to the project. The incident targeted rsETH and relied on poisoned RPC nodes. However, LayerZero said the breach remained isolated, with no impact on other applications or cross-chain assets.

Attack Traced to Compromised RPC Infrastructure

According to LayerZero, the attacker targeted its Decentralized Verifier Network, or DVN, through external infrastructure rather than protocol code. Specifically, the operation poisoned downstream RPC nodes used for transaction verification. Two independent RPC nodes were compromised, allowing attackers to inject malicious data.

However, the attacker still faced additional barriers. To complete the exploit, they launched DDoS attacks on healthy RPC nodes. This forced the system to rely on compromised endpoints. As a result, the DVN validated transactions that never occurred.

LayerZero stated the attack likely links to the Lazarus Group, particularly the TraderTraitor unit. The method relied on spoofed RPC responses that appeared normal to monitoring systems. Notably, the malicious setup erased traces after execution.

Single Verifier Setup Exposed rsETH

The breach focused entirely on rsETH issued by KelpDAO. According to LayerZero, KelpDAO used a single-DVN configuration at the time. This meant one verifier handled all validation, creating a single point of failure.

LayerZero noted it had recommended multi-DVN setups with redundancy across independent verifiers. However, KelpDAO maintained a 1-of-1 configuration. Without additional verification layers, the forged message passed unchecked.

Importantly, LayerZero confirmed no vulnerability existed within its protocol or core systems. Instead, the failure occurred at the application configuration level.

Systems Restored as Investigation Continues

Following the incident, LayerZero replaced all affected RPC nodes and restored its DVN operations. The team also began contacting projects using similar single-verifier setups. It stated these configurations would no longer receive support from its DVN.Additionally, LayerZero confirmed coordination with global law enforcement agencies. It is also working with industry partners to track stolen funds. Meanwhile, the protocol continues reviewing data tied to the exploit.

The post LayerZero Confirms $290M KelpDAO Exploit Tied to RPC Attack appears on Crypto Front News. Visit our website to read more interesting articles about cryptocurrency, blockchain technology, and digital assets.