Skip to main content
See every side of every news story
Published loading...Updated

North Korean-backed hackers roll out new attack vector targeting crypto executives and firms

LayerZero said the breach drained an Ethereum-linked token after two servers were compromised, and researchers called it North Korea’s latest state-backed crypto operation.

  • On April 18, KelpDAO was exploited for approximately $290 million after two blockchain servers hosted by LayerZero were compromised, draining assets linked to Ethereum from the platform.
  • Preliminary indicators point to the North Korean state-sponsored Lazarus Group, LayerZero said, linking the breach to a United Nations report on North Korea's cybercrime program funding nuclear weapons development.
  • In the past two weeks alone, North Korean hackers siphoned more than $500 million from the Drift and KelpDAO exploits, a "sustained campaign" according to Natalie Newson, a senior blockchain security researcher at CertiK.
  • Security experts warned Wednesday that the Lazarus Group is running a new campaign called "Mach-O Man," which uses a "ClickFix" delivery method instructing victims to paste terminal commands to "fix a connection issue," Newson noted.
  • "What makes Lazarus especially dangerous right now is their activity level," Newson said; the crypto industry must view the collective as a constant, well-funded threat operating at state-directed institutional scale.
Insights by Ground AI

13 Articles

In an extremely complex cyberattack, unknown perpetrators may have stolen nearly $300 million worth of cryptocurrency.

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 67% of the sources lean Right
67% Right

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

Crypto Briefing broke the news on Tuesday, April 21, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

News
Feed Dots Icon
For You
Search Icon
Search
Blindspot LogoBlindspotLocal