North Korea tied to heists worth $578M in April after Kelp DAO exploit

Key Points

Large-scale coordinated attacks targeted crypto platforms
Cross-chain vulnerabilities were exploited
Security concerns are increasing across DeFi

North Korea-linked cyber groups have intensified their attacks on the crypto sector, with total thefts reaching approximately $578 million in April alone. The surge follows a massive exploit targeting Kelp DAO, marking one of the largest DeFi breaches of 2026.

Kelp DAO Hack Triggers Massive Losses

The Kelp DAO exploit stands at the center of April’s surge, with attackers stealing a massive amount in a highly sophisticated breach.

The attack targeted cross-chain infrastructure, allowing hackers to manipulate transaction verification systems and drain funds from the protocol.

This single incident became one of the largest crypto hacks of the year so far.

Total April Losses Cross $578 Million

When combined with other major exploits earlier in the month, total losses attributed to North Korean-linked actors have surged sharply in a short period.

This rapid escalation highlights a coordinated wave of attacks rather than isolated incidents.

Lazarus Group Suspected Behind Attacks

Security analysts have linked these exploits to the Lazarus Group, a state-backed hacking organization tied to North Korea.

The group has a long history of targeting crypto platforms, using advanced techniques such as infrastructure compromise, social engineering, and cross-chain manipulation.

DeFi Infrastructure Under Pressure

The attacks have exposed critical weaknesses in decentralized finance infrastructure, particularly in cross-chain communication systems.

Many protocols rely on verification systems to confirm transactions across blockchains. By exploiting these, attackers can execute unauthorized transfers.

This has raised serious concerns about the security of multi-chain ecosystems.

Market Impact and Investor Reaction

The fallout from these hacks has shaken investor confidence across the DeFi sector. Some users have withdrawn funds as security concerns rise.

The incidents have also triggered discussions around stricter security standards and better auditing practices.

Why North Korea Targets Crypto

Crypto remains an attractive target due to its global nature and ease of transfer across borders.

Stolen funds can be moved across chains and obscured, making recovery extremely difficult.

These operations are believed to support broader financial strategies under sanctions.

Outlook: Rising Cyber Threat in Crypto

The surge in large-scale exploits signals a growing threat to crypto infrastructure.

As the industry expands, attackers are becoming more sophisticated, increasing the urgency for stronger security measures across DeFi platforms.

FAQs

1. How much was stolen in April
Around $578 million from multiple crypto platforms

2. What was the biggest hack
The Kelp DAO exploit was among the largest

3. Who is behind these attacks
The Lazarus Group is widely suspected

4. Why are DeFi platforms targeted
Due to vulnerabilities in cross-chain systems

5. Can stolen funds be recovered
Recovery is difficult due to the nature of crypto transactions

Disclaimer This article is for informational purposes only and does not constitute financial advice Cryptocurrency markets are highly volatile always conduct your own research before investing