Kelp hack: $500M lost in two weeks as North Korean-linked exploits spread
Kelp hack: $500M lost in two weeks. North Korean-linked attackers exploited weaknesses in Kelp’s validation system, manipulating input data to approve fraudulent transactions.
A key issue was Kelp’s reliance on a single validator for cross-chain message verification. Security experts argue this is excessive trust: a signature can identify the signer, but it cannot guarantee truthfulness. They say protocols should adopt multi-layer, independent verification.
The damage quickly spread across DeFi. Because assets used as collateral move between platforms, the Kelp hack triggered a domino effect. Lending protocol Aave reportedly suffered losses after accepting assets originating from Kelp.
The article also ties this wave of incidents to broader targeting of “cross-chain plumbing” and restaking infrastructure, which is harder for users to monitor. It references the recent Drift breach as part of the same two-week problem.
Combined losses from the Drift and Kelp attacks have reportedly surpassed $500M in two weeks. Traders should watch for continued volatility, risk-off pricing for affected collateral, and tighter security scrutiny across restaking and cross-chain protocols. (Not investment advice.)
Keywords: Kelp hack, $500M, validation system, cross-chain verification, North Korean-linked hackers, DeFi contagion, Aave collateral, Drift breach
Bearish
This is bearish because the Kelp hack is not a limited incident; it points to structural weaknesses in cross-chain validation that can propagate through DeFi lending. When collateral can be reused across protocols, a single failure (Kelp’s validation design, including single-validator verification) can cause correlated losses—exactly what happened with Aave accepting Kelp-origin assets.
Similar past patterns in crypto show that validation/oracle/cross-chain “plumbing” failures tend to trigger a short-term risk-off move: spreads widen, leverage gets pulled back, and tokens tied to affected collateral or restaking narratives often underperform. Over the long term, markets may slowly re-price based on whether protocols implement independent, multi-layer verification and whether regulators/industry standards tighten. However, until those fixes are verifiable and implemented broadly, traders typically price in ongoing tail risk. Combined with the referenced Drift breach, the two-week scale ($500M+) increases the probability of further contagion and headline-driven volatility.