LayerZero has released a detailed report on the rsETH attack that occurred on April 18, affecting the KelpDAO rsETH bridge. The breach resulted in the theft of approximately 116,500 rsETH, valued at around $292 million. Security firms have linked the attack to the North Korean hacking group TraderTraitor (UNC4899). The attack exploited a single-validator configuration in KelpDAO's bridge, using social engineering to compromise a LayerZero Labs developer's session key and infiltrate their RPC cloud environment.
The attacker manipulated internal RPC nodes to provide false blockchain state information, enabling the generation of valid proofs for forged cross-chain messages. This led to the unauthorized unlocking of rsETH. In response, LayerZero Labs has rebuilt its infrastructure with a zero-trust architecture and implemented stricter security measures, including requiring minimum security configurations for channels involving its Decentralized Verifier Network. The company is also collaborating with law enforcement and security firms to track the stolen funds.
LayerZero Reports on rsETH Attack, Rebuilds Infrastructure
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.