In April 2026, two hacks worth $577 million accounted for 76% of all crypto theft this year. Both were the work of North Korea’s Lazarus Group.
Summary
- North Korea-linked Lazarus attacks drained $577 million from Drift Protocol and KelpDAO.
- The Drift exploit relied on social engineering, compromised devices, and multisig approvals.
- KelpDAO’s breach triggered a DeFi bank-run risk after rsETH collateral spread through Aave.
- The attacks show DeFi security now depends on human, operational, and bridge-layer defenses.
Neither was a smart contract exploit. The attackers spent six months posing as a trading firm, attending crypto conferences in person, and…
