KelpDAO Bridge Exploit: $292M rsETH release for Phantom burn

Attackers wey get connection to North Korea Lazarus Group knack KelpDAO Bridge on April 18, 2026, release about $292M worth of rsETH (116,500 rsETH) for Ethereum based on burn wey no happen. The KelpDAO Bridge exploit no be smart-contract bug. E target LayerZero off-chain verification setup (one 1-of-1 DVN wey dey depend on LayerZero-hosted RPC nodes). Dem compromise LayerZero internal RPC endpoints and use DDoS to scatter external nodes, force the verifier to accept forged cross-chain state. The DVN "confirm" rsETH burn for Unichain source chain, but no burn actually happen. So Ethereum release rsETH with valid signatures and normal-looking calldata, make the activity hard to detect by transaction-level monitoring. KelpDAO quick pause the affected contracts and L2 deployments, blacklist attacker addresses, and stop another try to thief about 40,000 rsETH (~$95M). Separately, Arbitrum Security Council cooperate with law enforcement and freeze 30,766 ETH wey connect to downstream attacker funds. The earlier Chainalysis framing still central: DeFi security must focus on cross-chain invariant monitoring, not only "malicious code detection." The KelpDAO Bridge exploit na textbook example of invariant failure where released assets ≠ burned/locked assets. For traders, this one mean bridge-risk pricing go increase. If rsETH dey used as collateral or for liquidity, expect higher risk premiums, more conservative liquidity routing, and possible peg/market dislocation until teams prove invariant consistency with real-time monitoring and fast pause governance.
Bearish
This tin sharp breach of the bridge invariant (dem release rsETH for Ethereum without any matching burn for the source chain) dey increase how people dey fear sey rsETH bridge fit break. For short term, traders fit add more uncertainty for price and widen risk spreads, especially if dem dey use rsETH as collateral or dem push am enter DeFi liquidity pools. For long term, even with quick pause and blacklist, the reliance on one specific off-chain verification path (1-of-1 DVN via RPC) fit dey cause ongoing worry until teams fit show robust real-time cross-chain consistency monitoring and fast governance controls. Overall, immediate market reaction for rsETH likely go negative because of higher counterparty/bridge-risk premium from the KelpDAO Bridge exploit.