Leading blockchain security firms attribute the $290 million Kelp DAO crypto heist to state-sponsored hackers from North Korea, specifically pointing to the notorious Lazarus Group. This group has a history of targeting DeFi platforms.

Initial analysis suggests the attackers exploited a critical smart contract vulnerability within Kelp DAO's protocol logic. The stolen digital assets, including Ether and wrapped tokens, were then quickly funneled through crypto mixers to obscure their trail.

The Lazarus Group is a notorious cybercrime syndicate linked to the North Korean government, implicated in several of the largest crypto heists on record, including the Kelp DAO, Axie Infinity's Ronin Bridge, and Harmony's Horizon Bridge attacks. These operations fund Pyongyang's sanctioned programs.

State-sponsored cyber operations, like the Kelp DAO crypto heist, are believed to be a primary source of revenue for Pyongyang, providing crucial funding for its nuclear and ballistic missile programs. DeFi's high-value, and sometimes inadequately secured, nature makes it an appealing target.

A liquid staking protocol operates within the decentralized finance (DeFi) sector, allowing users to stake their cryptocurrencies while retaining liquidity. Kelp DAO was a prominent example until it suffered a significant security breach.