FFeel.Trading
要闻列表Lazarus Group 在 Arbitrum 凍結 KelpDAO 漏洞利用中涉及的 71M USD 後,被懷疑轉移了 175M USD 的 ETH
Bitcoin.com2026-04-21 12:19:33ETH

Lazarus Group 在 Arbitrum 凍結 KelpDAO 漏洞利用中涉及的 71M USD 後,被懷疑轉移了 175M USD 的 ETH

ORIGINALLazarus Group Suspected of Moving $175M in ETH After Arbitrum Freezes $71M From KelpDAO Exploit
AI 影响分析Grok 分析中...
📄完整原文· 由 trafilatura 自动抓取5562 字
North Korea’s Lazarus Group is preliminarily attributed with draining approximately $292 million in rsETH from KelpDAO on April 18, 2026. The state-backed hacking entity has been responsible for billions of dollars stolen from the crypto industry over the last few years. Lazarus Group Suspected of Moving $175M in ETH After Arbitrum Freezes $71M From KelpDAO Exploit Key Takeaways: - Lazarus Group drained 116,500 rsETH from KelpDAO on April 18. - The Arbitrum Security Council froze roughly 30,766 ETH worth $71M linked to the KelpDAO exploiter on April 20. - Lazarus moved $175M to new ethereum addresses after the Arbitrum freeze, with Arkham Intelligence actively tracking wallets. North Korea’s Hacking Syndicate Launders Millions in Stolen KelpDAO ETH Through Thorchain and Umbra Cash While the story may be different depending on which protocol dev you ask, reports say the attackers compromised two RPC nodes and deployed malware to feed false transaction data exclusively to Layerzero’s Decentralized Verifier Network while keeping feeds honest for other observers. Reports have been released by KelpDAO, Layerzero, and Llamarisk alongside Aave service providers. The attack followed with a distributed denial-of-service attack against the remaining clean nodes, forcing KelpDAO‘s bridge to fail over to the compromised infrastructure. With the verification layer under their control, they forged a cross-chain message authorizing the withdrawal of roughly 116,500 rsETH, representing approximately 18% of KelpDAO’s total rsETH supply. The KelpDAO theft is the second major attack attributed to Lazarus within three weeks. On April 1, approximately $285 million was taken from Drift Protocol in an operation investigators also linked to North Korea’s Lazarus. The two incidents together account for nearly $600 million in losses. North Korean hackers reportedly stole approximately $2.02 billion in cryptocurrency across all of 2025, a 51% year-over-year increase that made it a record year for DPRK-linked theft. That figure, published by Chainalysis and South Korean media outlets, represented roughly 60% to 76% of all global service-level crypto thefts, despite the group executing 74% fewer individual incidents than in prior years. The cumulative lower-bound estimate through the end of 2025 reached approximately $6.75 billion. The largest single theft in crypto history also belongs to Lazarus. In early 2025, the group stole approximately $1.5 billion from Bybit, a Dubai-based exchange, by compromising a software provider for Safe Wallet and manipulating developer environments to redirect a cold-to-hot wallet transfer. The FBI formally attributed that attack to North Korean Lazarus Group actors. Before Bybit, significant attributed heists included roughly $620 million from the Ronin Network bridge in 2022, $308 million from DMM Bitcoin in 2024, and $234.9 million from Indian exchange WazirX in 2024. The DPRK-linked group has also targeted smaller platforms, individual wallets, and crypto-adjacent software supply chains. Lazarus typically spends months in preparation before executing a theft. Attackers use fake recruiter outreach, Github-hosted malware, and spear-phishing to gain initial access. Once inside developer or validator environments, they harvest private keys, compromise hot wallets, or manipulate bridge infrastructure. After exfiltrating funds, the group launders assets through chain-hopping, decentralized exchange ( DEX) swaps, and dispersion across thousands of addresses. Some proceeds are allegedly routed through services such as Huione Pay before ultimately being converted into bitcoin or other assets that can support the DPRK regime. The U.S. Department of Justice indicted North Korean national Park Jin Hyok in connection with earlier Lazarus operations. The Treasury Department’s Office of Foreign Assets Control has sanctioned dozens of addresses, and the FBI has issued public advisories with onchain identifiers for exchanges and validators to block. Despite those measures, Lazarus has continued to adapt. The group’s infrastructure poisoning techniques, including the RPC node compromise used in the KelpDAO attack, reflect a shift toward targeting the plumbing beneath decentralized finance (DeFi) protocols rather than front-end interfaces or individual user credentials. Crypto bridge security remains a central vulnerability. The Ronin, Harmony Horizon, and now KelpDAO breaches all involved manipulation of cross-chain verification systems. Security researchers have pointed to multi-signature requirements, independent RPC node auditing, and real-time behavioral monitoring as the most direct mitigations. Arbitrum Security Council Freezes 30,766 ETH From KelpDAO Exploiter in Emergency Onchain Action Arbitrum Security Council Freezes 30,766 ETH From KelpDAO Exploiter in Emergency Onchain Action The Arbitrum Security Council froze 30,766 ether held by the KelpDAO exploiter on Arbitrum One, moving the funds to a… Read NowArbitrum Security Council Freezes 30,766 ETH From KelpDAO Exploiter in Emergency Onchain Action Read NowThe Arbitrum Security Council froze 30,766 ether held by the KelpDAO exploiter on Arbitrum One, moving the funds to a… North Korea is estimated to derive a significant share of hard currency from these operations in an economy constrained by international sanctions, with some analyses placing crypto theft proceeds at roughly 13% of GDP. Stolen funds are believed to support the country’s nuclear and ballistic missile programs alongside other state functions.
数据状态✓ 已抓取全文阅读原文(Bitcoin.com)
🔍历史类似事件· 关键词 + 标的比对6 则
2026-04-21
Arbitrum Security Council 冻结了与 $292M KelpDAO 漏洞利用相关的 $71.5M ETH
相似度 430%標的 ETH關鍵字 freezes/exploit/kelpdao
2026-04-21
Arbitrum Security Council 冻结了与 $292M KelpDAO 漏洞利用相关的 $71.5M Ethereum
相似度 430%標的 ETH關鍵字 freezes/exploit/kelpdao
2026-04-21
Arbitrum Security Council 在緊急鏈上行動中凍結了 KelpDAO 攻擊者持有的 30,766 ETH
相似度 430%標的 ETH關鍵字 freezes/arbitrum/kelpdao
2026-04-21
Arbitrum 冻结 KelpDAO 被盗资金,揭露了 Crypto 最大的谎言
相似度 380%標的 ETH關鍵字 freezes/kelpdao/arbitrum
2026-04-21
Arbitrum Security Council 阻止 KelpDAO 黑客轉移 30,766 ETH
相似度 380%標的 ETH關鍵字 kelpdao/eth/arbitrum
2026-04-20
KelpDAO 遭攻擊後,前 20 大鏈上的 DeFi TVL 均出現下滑
相似度 380%標的 ETH關鍵字 kelpdao/exploit/after
💡 目前用关键词 + 标的比对(MVP)· 之后会升级为 embedding 语义搜寻
原始信息
ID:ca4b86f7b1
来源:Bitcoin.com
发布:2026-04-21 12:19:33
分类:一般 · 导出分类 neutral
标的:ETH
社群投票:+0 /0 · ⭐ 0 重要 · 💬 0 留言