North Korean Hackers Blamed for $290 Million KelpDAO Crypto Heist: A Sophisticated Raid

The largest cryptocurrency theft of the year so far has been linked to state-backed North Korean hackers, with the decentralized finance protocol KelpDAO losing approximately $290 million in rsETH tokens over the weekend. The KelpDAO crypto heist has sent shockwaves through the DeFi community, highlighting the growing sophistication of threat actors targeting cross-chain infrastructure.

How the KelpDAO Crypto Heist Unfolded

KelpDAO operates as a liquid restaking protocol, accepting Liquid Staking Tokens (LSTs) such as stETH, ETHx, and sfrxETH, and issuing rsETH in return. On Saturday, the firm detected suspicious cross-chain activity involving rsETH, prompting an immediate pause of operations.

According to the company, attackers stole 116,500 rsETH—worth around $293 million—and funneled the funds through Tornado Cash to obscure the trail. The breach exploited the LayerZero infrastructure that KelpDAO relies on for cross-chain communication.

LayerZero uses Decentralized Verifier Networks (DVNs), independent entities that verify the integrity of cross-chain messages. On April 18, the notorious North Korean Lazarus Group targeted LayerZero Labs’ DVN by poisoning downstream RPC infrastructure. The attackers gained access to the list of RPCs used by the DVN, compromised two independent nodes, and swapped out binaries running op-geth nodes.

“Because of our least-privilege principles, they were unable to compromise the actual DVN instances. However, they used this pivot point to execute an RPC-spoofing attack,” LayerZero explained. The hackers then launched a DDoS attack against non-compromised RPCs, triggering a failover to the poisoned ones. This allowed them to send a forged cross-chain message that was accepted as valid, enabling the unauthorized transfer of rsETH.

LayerZero Blames KelpDAO for Configuration Flaws

In a striking twist, LayerZero has pushed back against KelpDAO’s initial blame, arguing that the protocol’s single-DVN configuration was the root cause. “Operating a single-point-of-failure configuration meant there was no independent verifier to catch and reject a forged message,” LayerZero stated. It noted that best practices around DVN diversification had been communicated to KelpDAO, but the firm chose a 1/1 DVN setup.

“A properly hardened configuration would have required consensus across multiple independent DVNs, rendering this attack ineffective even in the event of any single DVN being compromised,” the company added.

Fortunately, around a quarter of the stolen funds—approximately 30,766 ETH ($71 million)—have been frozen by Arbitrum‘s Security Council, providing a small silver lining in an otherwise devastating incident.

Lazarus Group’s Growing Sophistication

Security experts warn that the Lazarus Group is demonstrating increasingly advanced operational capabilities. “These environments are not being tested by smash and grab actors, they are being pressured by disciplined adversaries who understand how to chain together weak points across infrastructure, applications, and trust relationships,” said Pete Luban, CISO at AttackIQ. “Groups like Lazarus are not just walking away richer, they are walking away better, with more resources to scale tooling, refine techniques, and reinvest in future campaigns.”

Nick Tausek, lead security automation architect at Swimlane, echoed this sentiment, noting the attack followed a familiar North Korean pattern of “patient intrusion, manipulation of trust, and detection suppression.” He added: “By compromising infrastructure tied to LayerZero’s verifier role, they’ve stepped into a trusted position in the transaction flow and abused that trust to push forged messages downstream. That’s what makes third-party breaches so dangerous in crypto: the blast radius rarely stops with the initial victim.”

Lessons for DeFi Security

This incident underscores the critical importance of robust cross-chain security configurations. For DeFi protocols, relying on a single verifier is clearly a high-risk strategy. As the KelpDAO crypto heist shows, even well-funded projects can fall victim to sophisticated adversaries when best practices are ignored.

Moving forward, protocols should adopt multi-DVN setups, regularly audit their infrastructure, and stay informed about emerging threats. For more insights on protecting DeFi assets, check out our guide on DeFi security best practices and learn how to secure cross-chain transactions.

The Lazarus Group’s ability to chain together multiple vulnerabilities—from RPC poisoning to DDoS attacks—highlights the need for a defense-in-depth approach. As the crypto industry matures, so too must its security posture.

US Healthcare Marketplaces Leaked Citizenship and Race Data to Ad Tech Giants

A new investigation by Bloomberg has uncovered a sweeping privacy breach: almost all of the 20 U.S. state-run health insurance marketplaces transmitted residents’ citizenship and race data to advertising technology giants, including Google, LinkedIn, Meta, and Snap. The report highlights how pixel-sized trackers, common tools for web analytics, were misconfigured on sensitive government websites, exposing personal health application details to third-party platforms.

How Pixel Trackers Exposed Citizenship and Race Data

These tiny trackers, often invisible to users, are designed to help website owners understand visitor behavior and fix bugs. However, when placed on pages containing sensitive information—such as healthcare applications—they can inadvertently collect and share personal data. According to Bloomberg, New York’s health insurance exchange shared information about applicants’ incarcerated family members with several tech companies. Meanwhile, Washington, D.C.’s exchange asked residents about their sex and race, and TikTok’s pixel tracker attempted to redact some of this data but failed to mask all racial identifiers.

Washington, D.C. and Virginia Respond

After Bloomberg’s findings, Washington, D.C. paused its rollout of the TikTok tracker. Virginia went a step further by removing Meta’s tracker from its website after discovering it was sharing residents’ ZIP codes with the social media giant. A spokesperson for the D.C. exchange confirmed that email addresses, phone numbers, and country identifiers were also transmitted to TikTok.

This Is Not a New Problem in Healthcare Data Privacy

Unfortunately, this is not an isolated incident. Similar issues have plagued telehealth startups and large healthcare organizations for years. Several companies have had to notify millions of patients that their health information was inadvertently collected and shared with ad tech firms, whose business models depend on monetizing consumer data. However, Bloomberg’s investigation underscores a new dimension: when these trackers appear on government-run marketplaces, the potential impact is massive. More than seven million Americans purchased health insurance through state exchanges this year alone.

What This Means for Consumers and Policymakers

For individuals, this breach of citizenship and race data raises serious questions about trust in government digital services. If your personal health application details—including sensitive demographic information—can be sent to advertising platforms without your knowledge, the very concept of privacy in healthcare is undermined. Policymakers must now grapple with enforcing stricter regulations on pixel trackers, especially on sites handling protected health information. Learn more about protecting your healthcare data online.

Steps to Protect Your Information

While the responsibility largely falls on institutions, consumers can take some precautions. Use privacy-focused browser extensions that block trackers, review the privacy policies of healthcare websites, and consider using virtual private networks (VPNs) when accessing sensitive portals. Additionally, check if your personal data has been exposed in recent breaches. For a deeper dive into how ad tech companies handle user data, read our explainer on ad tech data collection practices.

In conclusion, the Bloomberg investigation serves as a stark reminder that even government-run platforms are vulnerable to privacy lapses. As more Americans rely on state insurance exchanges, ensuring the security of citizenship and race data must become a top priority for regulators and tech companies alike.

Vercel Confirms Cyber Incident: Breach Originated from Third-Party Tool Context.ai

In a recent disclosure, Vercel has confirmed a Vercel cyber incident that may have exposed sensitive internal data. The attack, described by the company as highly sophisticated, began with an employee’s use of a third-party tool, Context.ai. This incident underscores the growing risks associated with third-party integrations in modern development workflows.

How the Vercel Cyber Incident Unfolded

According to an updated notice dated April 21, the unauthorized access started when an employee used Context.ai, a third-party tool. The attacker leveraged that access to take over the employee’s Vercel Google Workspace account, gaining entry into several Vercel environments and environment variables not marked as sensitive. Vercel emphasized that environment variables labeled as ‘sensitive’ are stored in a way that prevents them from being read, and there is currently no evidence that those values were accessed.

However, the company did confirm that a limited subset of customers had their non-sensitive environment variables compromised. These variables may include API keys, tokens, database credentials, and signing keys. Vercel has already reached out to those affected.

Threat Actor Claims and Extortion Attempt

On X (formerly Twitter), a threat actor purporting to be part of the ShinyHunters collective posted screenshots claiming to have access to multiple employee accounts, internal deployments, API keys, npm/GitHub tokens, source code, and databases. They are reportedly demanding a $2 million ransom. Vercel is working with Mandiant to verify these claims.

Despite the severity of the breach, Vercel assured users that none of its npm packages were compromised, and there is no evidence of tampering. This means projects like the popular React framework Next.js remain safe. For more on related security issues, see our article on NCSC Urging Users to Patch Next.js Flaw Immediately.

Root Cause: The Danger of OAuth and Third-Party Tools

Cory Michal, CISO at AppOmni, traced the breach back to the OAuth access that Context.ai provided to the Vercel employee’s Google Workspace account. He explained that once a user authorizes one app, that trust can extend into email, identity, CRM, development, and other systems in ways many organizations do not fully inventory or monitor. This makes a single compromised integration a powerful pivot point for attackers.

This incident highlights a critical lesson: third-party risk management cannot stop at reviewing a vendor’s SOC 2 report or penetration test results. Organizations need continuous visibility into how third-party applications are connected across their SaaS estate, what OAuth grants and integration tokens they hold, and how those relationships could be abused if one provider is compromised. For more on managing such risks, check our guide on third-party risk management best practices.

Customer Guidance: Steps to Mitigate Risk

In response to the Vercel cyber incident, the company has issued the following advice for all customers:

• Enable multi-factor authentication (MFA) via authenticator app or passkey
• Review and rotate environmental variables not marked as ‘sensitive’ as these may have been potentially exposed
• Use the sensitive environmental variables feature to protect secret values
• Review activity log for suspicious activity
• Investigate suspicious or unexpected recent deployments
• Ensure deployment protection is set to standard, at a minimum
• Rotate deployment protection tokens

Furthermore, Vercel urges customers to adopt a proactive security posture. This includes regularly auditing third-party integrations and OAuth permissions to prevent similar breaches.

Broader Implications for the Developer Community

This Vercel cyber incident serves as a stark reminder that even well-funded, security-conscious companies can fall victim to sophisticated attacks through third-party tools. The developer community, which often relies on a rich ecosystem of integrations, must treat every third-party connection as a potential attack vector.

As a result, organizations should implement continuous monitoring of OAuth grants and integration tokens. They should also consider adopting zero-trust principles, where every access request is verified regardless of its origin. For additional insights, read our analysis on OAuth security best practices.

In conclusion, while Vercel has taken swift action to contain the breach and communicate with affected customers, the incident highlights the evolving nature of cyber threats. By learning from this event, developers and organizations can better protect themselves against similar attacks in the future.