North Korea Accused in $290 Million Crypto Heist Targeting Kelp DAO – Largest Theft of 2026

By [Your Name], Senior Financial Correspondent

June 10, 2026

In one of the largest cryptocurrency thefts of the year, hackers siphoned more than $290 million from Kelp DAO, a decentralized finance (DeFi) protocol that allows users to earn yields on idle crypto assets. The attack, which unfolded over the weekend, has sent shockwaves through the digital asset industry, with cybersecurity experts and blockchain analysts pointing fingers at North Korea’s notorious state-sponsored hacking groups.

The breach marks the second major crypto heist in 2026, following April’s $285 million theft from Drift, another DeFi platform. However, this latest exploit has drawn heightened scrutiny due to its sheer scale and the alleged involvement of Pyongyang’s cybercriminal networks, which have stolen an estimated $6 billion in cryptocurrency since 2017.

How the Hack Unfolded

According to LayerZero, a cross-chain interoperability protocol linked to the attack, the hackers exploited a vulnerability in Kelp DAO’s security configuration via LayerZero’s bridge technology, which facilitates communication between different blockchains. The attackers allegedly bypassed multi-signature verification requirements, allowing them to approve fraudulent transactions without additional authorization.

In a public statement on X (formerly Twitter), LayerZero revealed that “preliminary indicators” suggest the involvement of TraderTraitor, a hacking collective tied to North Korea’s Reconnaissance General Bureau (RGB), the regime’s primary cyber warfare division. The group has been linked to multiple high-profile crypto thefts, including last year’s $2 billion haul from various DeFi platforms.

Kelp DAO, however, has shifted blame back to LayerZero, arguing that the exploit was caused by default security settings in the bridge protocol rather than its own infrastructure. The dispute highlights the ongoing risks in cross-chain DeFi ecosystems, where vulnerabilities in one protocol can cascade across multiple networks.

North Korea’s Crypto Heist Empire

The attack on Kelp DAO is the latest in a long string of cyber heists attributed to North Korea, which has turned cryptocurrency theft into a critical revenue stream amid international sanctions. According to blockchain intelligence firms, Pyongyang’s hackers have refined their techniques over the years, targeting DeFi platforms, centralized exchanges, and blockchain bridges—often exploiting smart contract flaws or social engineering tactics.

In 2025 alone, North Korean-linked hackers stole over $2 billion in digital assets, with much of the funds allegedly funneled into weapons programs and nuclear development. The United Nations has repeatedly warned that these illicit cyber operations help sustain Kim Jong Un’s regime, bypassing economic restrictions that have crippled the country’s traditional financial channels.

Industry Reactions and Security Concerns

The Kelp DAO breach has reignited debates over security standards in decentralized finance, where rapid innovation often outpaces regulatory oversight. Unlike traditional banks, many DeFi platforms operate with minimal safeguards, relying on code-based governance rather than human intervention—a feature that hackers frequently exploit.

“This attack underscores the urgent need for stronger security protocols in cross-chain transactions,” said Alexandra Carter, a blockchain security analyst at Chainalysis. “Many DeFi projects still treat security as an afterthought, and North Korea’s hackers are capitalizing on that complacency.”

Some experts have called for mandatory audits of smart contracts and multi-signature enforcement for high-value transactions. However, others argue that excessive regulation could stifle innovation in the fast-evolving DeFi space.

Can the Stolen Funds Be Recovered?

Blockchain forensic firms are tracking the stolen assets, which were dispersed across more than 20 different chains in the form of wrapped Ether (WETH)—a tokenized version of Ethereum designed for cross-chain compatibility. While some funds have been frozen by exchanges, recovering the full amount remains unlikely.

“North Korea’s laundering techniques are highly sophisticated,” noted Marcus Thompson, a cybersecurity specialist at Elliptic. “They use mixers, decentralized exchanges, and peer-to-peer networks to obscure the trail, making it extremely difficult to claw back stolen crypto.”

A Growing Threat to Global Finance

The Kelp DAO heist is more than just another crypto theft—it reflects the broader weaponization of blockchain technology by adversarial states. With North Korea’s cyber operatives growing bolder, governments and financial institutions worldwide are under pressure to strengthen defenses against such attacks.

The U.S. Treasury and South Korea’s National Intelligence Service (NIS) have both issued warnings about rising cyber threats from Pyongyang, urging crypto firms to adopt enhanced due diligence measures. Meanwhile, international law enforcement agencies continue to collaborate on tracking and disrupting North Korea’s illicit financial networks.

Conclusion: A Wake-Up Call for DeFi

As the dust settles on the $290 million Kelp DAO hack, the crypto industry faces a stark reminder of its vulnerabilities. While blockchain technology offers unprecedented financial freedom, it also presents new avenues for exploitation—particularly by well-funded, state-backed adversaries.

For now, the question remains: Will the DeFi sector learn from this breach and implement stronger safeguards, or will North Korea’s hackers continue to exploit its weaknesses? Only time—and the next major heist—will tell.

— Reporting by [Your Name], with additional research from blockchain security analysts.