Binance Square
Descubre
Noticias
Notificación
Perfil
Marcadores
Chats
Historial
Centro de creadores
Ajustes
#lazarusgroup

lazarusgroup

1.4M vistas
351 están debatiendo
CryptoXennny
·
--
ETH: 🚀 Arbitrum just froze $70M worth of ETH in response to the KelpDAO hack ✅ The attacker moved over $176M across multiple chains, with Bitcoin becoming their new playground. 💾 By intervening early, Arbitrum prevented roughly 29% of the stolen funds from entering the laundering pipeline 🔄 A race against time ensued as investigators tracked the thief's rapid moves through THORChain and other decentralized protocols 🔮 Lazarus Group is suspected to be behind this brazen move, using complex tactics to obscure their tracks. 🔍 Is the remaining $176M still in play? Let's watch closely! 💬 Will these funds find a safe haven or will they slip through our fingers? 🛑 Are we overthinking this situation or is there real risk here? 👇 #ETH #KelpDAO #LazarusGroup
ETH: 🚀 Arbitrum just froze $70M worth of ETH in response to the KelpDAO hack ✅

The attacker moved over $176M across multiple chains, with Bitcoin becoming their new playground. 💾

By intervening early, Arbitrum prevented roughly 29% of the stolen funds from entering the laundering pipeline 🔄

A race against time ensued as investigators tracked the thief's rapid moves through THORChain and other decentralized protocols 🔮

Lazarus Group is suspected to be behind this brazen move, using complex tactics to obscure their tracks. 🔍

Is the remaining $176M still in play? Let's watch closely! 💬

Will these funds find a safe haven or will they slip through our fingers? 🛑

Are we overthinking this situation or is there real risk here? 👇

#ETH #KelpDAO #LazarusGroup
BTC-0,66%
ETH+0,20%
27
LiquidTrader
·
--
Arbitrum Seals a Win, but the Hunt Continues 🛡️ Arbitrum has frozen 30,766 ETH worth over $70 million linked to the KelpDAO exploit, preventing roughly 29% of stolen funds from entering the laundering pipeline. However, the attacker is still moving assets across multiple chains and protocols, including Bitcoin. This high-level operational discipline hints at a sophisticated threat actor behind the scenes. The Lazarus Group has been linked to previous crypto thefts using similar tactics. With over $176 million already laundered through various decentralized bridges, the race against time continues for blockchain investigators and law enforcement agencies. Is the Lazarus Group involved in this operation? Share your thoughts below! 💬 #Arbitrum #KelpDAO #LazarusGroup
Arbitrum Seals a Win, but the Hunt Continues 🛡️

Arbitrum has frozen 30,766 ETH worth over $70 million linked to the KelpDAO exploit, preventing roughly 29% of stolen funds from entering the laundering pipeline. However, the attacker is still moving assets across multiple chains and protocols, including Bitcoin. This high-level operational discipline hints at a sophisticated threat actor behind the scenes.

The Lazarus Group has been linked to previous crypto thefts using similar tactics. With over $176 million already laundered through various decentralized bridges, the race against time continues for blockchain investigators and law enforcement agencies.

Is the Lazarus Group involved in this operation? Share your thoughts below! 💬

#Arbitrum #KelpDAO #LazarusGroup
BTC-0,66%
ETH+0,20%
16
MarketHitman
·
--
$KELP AND HUMANITY PROTOCOL HACKED FUNDS ARE MERGING — SAME ATTACKER? 🔥 Kelp DAO lost $292M on April 18 via a LayerZero bridge compromise. Humanity Protocol lost $32M on June 9 due to a developer’s compromised device. Now, on-chain data shows these stolen funds converging within the last hour. The timing and wallet patterns strongly suggest the same actor — likely Lazarus Group — is consolidating the haul before layering. This is the kind of on-chain fingerprint that security teams use to trace entire operations. What does this convergence tell you about the hygiene of cross-chain infrastructure? Not financial advice. Always manage your risk. #KELP #CryptoHack #DeFiSecurity #LazarusGroup #OnChain ⚡
$KELP AND HUMANITY PROTOCOL HACKED FUNDS ARE MERGING — SAME ATTACKER? 🔥

Kelp DAO lost $292M on April 18 via a LayerZero bridge compromise. Humanity Protocol lost $32M on June 9 due to a developer’s compromised device. Now, on-chain data shows these stolen funds converging within the last hour.

The timing and wallet patterns strongly suggest the same actor — likely Lazarus Group — is consolidating the haul before layering. This is the kind of on-chain fingerprint that security teams use to trace entire operations. What does this convergence tell you about the hygiene of cross-chain infrastructure?

Not financial advice. Always manage your risk.

#KELP #CryptoHack #DeFiSecurity #LazarusGroup #OnChain

1
Siddique_Crypto
·
--
Artículo
North Korea Stole 76% of All Crypto Hack Value in 2026 — With Just Two AttacksNorth Korea Stole 76% of All Crypto Hack Value in 2026 — With Just Two Attacks A state-sponsored hacking program, built inside a sanctioned government, executed 12 minutes of code and walked away with $577 million. This is not cybercrime. It is state-directed financial warfare — and the crypto industry is its primary battlefield. 📊 Q2 2026 — The Most Hacked Quarter in Crypto History ◆ Hackers carried out 83 incidents in Q2 2026 — the quarter with the most exploits ever recorded in the history of the crypto industry; total losses for the quarter reached $755.3 million (Crypto Economy) ◆ By the end of May 2026, total DeFi hack losses for the year exceeded $840 million across more than 50 incidents — a 70% year-over-year increase compared to the same window in 2025 (altFINS) ◆ April 2026 was identified as the single worst month in DeFi history — over 30 separate attacks tracked, netting attackers approximately $635 million in total; one of the highest monthly loss figures since early 2025 (Finextra) ◆ As recently as June 24, 2026, SecondFi on the Cardano ecosystem was exploited for an estimated $19.4–20 million, linked to a flaw in its proprietary wallet generation software — with SlowMist analysts estimating up to 129 million ADA compromised (Bitcoin Foundation) 🇰🇵 North Korea's Lazarus Group — The Verified Numbers ◆ North Korean hacking groups accounted for 76% of all crypto hack value in 2026 through April — not because they launched a wave of attacks, but because two attacks totaling $577 million dwarfed everything else; those two attacks represent just 3% of 2026's incident count (TRM) ◆ DPRK-linked actors stole $2.02 billion in 2025, a 51% year-on-year increase; North Korea's cumulative attributed crypto theft now exceeds $6.75 billion since 2017 (Sanctions.io) ◆ In the past two weeks of April alone, the group siphoned more than $500 million from two exploits; a senior blockchain security researcher at CertiK stated the crypto industry needs to start viewing Lazarus the same way banks view nation-state cyber actors — "as a constant and well-funded threat, not just another news headline" (CoinDesk) ◆ The UN Panel of Experts has estimated that crypto theft funds a material proportion of North Korea's ballistic missile and nuclear weapons development programs, documented in Security Council reports with specific transaction analysis linking attributed proceeds to weapons procurement networks (Sanctions.io) 🌉 Attack #1 — Drift Protocol: $285 Million, 12 Minutes, 6 Months of Planning ◆ The Drift Protocol breach on April 1, 2026 involved three weeks of pre-attack staging and months of social engineering to compromise protocol signers — the full drain of $285 million was then executed in approximately 12 minutes (TRM) ◆ The Drift attack was not a code exploit — it was a six-month social engineering operation targeting the people who controlled admin keys; private key compromises accounted for the majority of stolen funds, and smart contract audits provide no protection against a developer targeted by a state-backed team with months of patience (Phemex) ◆ The stolen tokens were converted to USDC via Jupiter, bridged to Ethereum, and swapped into ETH — distributed across fresh wallets before going dormant; the stolen ETH has not moved since the day of the theft, consistent with North Korea's documented strategy of holding proceeds for months or years before executing a structured cashout (TRM) 🌉 Attack #2 — KelpDAO: $292 Million Through a Single Bridge Flaw ◆ On April 18, 2026, KelpDAO was exploited for approximately $290 million after two blockchain servers hosted by LayerZero were compromised — a token linked to the Ethereum network was drained through a forged cross-chain message; LayerZero's statement said "preliminary indicators suggest attribution to a highly sophisticated state actor, likely DPRK's Lazarus Group" (UPI) ◆ The attacker exploited the protocol's bridge contract and created unbacked tokens, then used them to borrow real assets — Cyvers described this as "exactly how this kind of exploit blows up so fast" and confirmed it became a cross-protocol contagion event affecting at least 9 protocols simultaneously; Aave V3, SparkLend, Fluid, Compound, and Euler all moved to freeze exposure (CryptoPotato) ◆ After the Arbitrum Security Council froze approximately $75 million of the stolen funds, approximately $175 million in ETH was moved through THORChain and converted to Bitcoin — the same laundering route used in the 2025 Bybit theft; THORChain processed the vast majority of proceeds from both incidents, converting hundreds of millions in stolen ETH to Bitcoin with no operator intervention (TRM) ◆ More than $13 billion was wiped from total DeFi TVL in the two days following the KelpDAO breach alone (UPI) 🦠 The New Attack Vector Nobody Saw Coming — "Mach-O Man" ◆ Lazarus Group is now running a macOS-focused campaign dubbed "Mach-O Man" targeting executives at fintech and crypto firms through routine business communications — using a social engineering technique called ClickFix, where victims are lured into fake online meetings and instructed to paste a command into their Mac terminal, granting attackers access to corporate and financial systems (CoinDesk) ◆ Mach-O Man is a modular malware kit that often erases itself before victims realize they have been compromised — "Most victims of this hack will not realize their security has been breached until the damage has been done, at which time the malware will have already erased itself," according to CertiK's senior blockchain security researcher (CoinDesk) ◆ On March 12, 2026, OFAC designated new sanctions targets tied to North Korea's IT worker program, which has evolved from operatives applying for remote jobs at crypto firms to orchestrating fake hiring processes — posing as recruiters for prominent Web3 and AI companies to harvest credentials, source code, and VPN access (Sanctions.io) ⚠️ Why Cross-Chain Bridges Remain the Highest-Value Target ◆ Cross-chain bridge vulnerabilities accounted for $351 million — nearly half — of Q2 2026's total losses; the LayerZero bridge exploit alone facilitated the KelpDAO breach (Blockchain News) ◆ Bridges hold large pools of locked assets and rely on cross-chain messaging systems that are difficult to verify — when a bridge breaks, an attacker can drain the entire reserve backing wrapped tokens across multiple chains in a single transaction, making bridges the highest-value targets in DeFi; the problem is architectural, not just implementation-specific (1inch) ◆ Mitchell Amador, CEO of bug bounty platform Immunefi, warned that advances in artificial intelligence are exacerbating these trends — describing the rise of AI-enabled hacking as a "vulnerability apocalypse," with attackers leveraging machine learning to exploit weaknesses at unprecedented scale (Crypto Economy) 🔍 The Uncomfortable Reality Compromised accounts now account for more than 50% of all DeFi attacks by incident count — overtaking traditional smart contract exploits as the primary source of losses for the first time; by dollar value, the skew is even more pronounced (altFINS) The pattern is consistent across every major 2026 incident: the code is not the weakest link anymore. The humans who control the keys are. A six-month social engineering campaign targeting one developer is all it takes to drain a protocol holding hundreds of millions. No audit catches that. No smart contract upgrade prevents it. The industry's security model was built for the wrong threat. With North Korea running what amounts to a state-funded cyber operation that stole $6.75 billion in crypto since 2017 to finance weapons programs — should global crypto platforms be legally required to implement government-grade cybersecurity standards, or does that fundamentally contradict what decentralized finance is supposed to be? #CryptoSecurity #DeFiHacks #BlockchainSecurity #LazarusGroup #Web3

North Korea Stole 76% of All Crypto Hack Value in 2026 — With Just Two Attacks

North Korea Stole 76% of All Crypto Hack Value in 2026 — With Just Two Attacks
A state-sponsored hacking program, built inside a sanctioned government, executed 12 minutes of code and walked away with $577 million. This is not cybercrime. It is state-directed financial warfare — and the crypto industry is its primary battlefield.
📊 Q2 2026 — The Most Hacked Quarter in Crypto History
◆ Hackers carried out 83 incidents in Q2 2026 — the quarter with the most exploits ever recorded in the history of the crypto industry; total losses for the quarter reached $755.3 million (Crypto Economy)
◆ By the end of May 2026, total DeFi hack losses for the year exceeded $840 million across more than 50 incidents — a 70% year-over-year increase compared to the same window in 2025 (altFINS)
◆ April 2026 was identified as the single worst month in DeFi history — over 30 separate attacks tracked, netting attackers approximately $635 million in total; one of the highest monthly loss figures since early 2025 (Finextra)
◆ As recently as June 24, 2026, SecondFi on the Cardano ecosystem was exploited for an estimated $19.4–20 million, linked to a flaw in its proprietary wallet generation software — with SlowMist analysts estimating up to 129 million ADA compromised (Bitcoin Foundation)
🇰🇵 North Korea's Lazarus Group — The Verified Numbers
◆ North Korean hacking groups accounted for 76% of all crypto hack value in 2026 through April — not because they launched a wave of attacks, but because two attacks totaling $577 million dwarfed everything else; those two attacks represent just 3% of 2026's incident count (TRM)
◆ DPRK-linked actors stole $2.02 billion in 2025, a 51% year-on-year increase; North Korea's cumulative attributed crypto theft now exceeds $6.75 billion since 2017 (Sanctions.io)
◆ In the past two weeks of April alone, the group siphoned more than $500 million from two exploits; a senior blockchain security researcher at CertiK stated the crypto industry needs to start viewing Lazarus the same way banks view nation-state cyber actors — "as a constant and well-funded threat, not just another news headline" (CoinDesk)
◆ The UN Panel of Experts has estimated that crypto theft funds a material proportion of North Korea's ballistic missile and nuclear weapons development programs, documented in Security Council reports with specific transaction analysis linking attributed proceeds to weapons procurement networks (Sanctions.io)
🌉 Attack #1 — Drift Protocol: $285 Million, 12 Minutes, 6 Months of Planning
◆ The Drift Protocol breach on April 1, 2026 involved three weeks of pre-attack staging and months of social engineering to compromise protocol signers — the full drain of $285 million was then executed in approximately 12 minutes (TRM)
◆ The Drift attack was not a code exploit — it was a six-month social engineering operation targeting the people who controlled admin keys; private key compromises accounted for the majority of stolen funds, and smart contract audits provide no protection against a developer targeted by a state-backed team with months of patience (Phemex)
◆ The stolen tokens were converted to USDC via Jupiter, bridged to Ethereum, and swapped into ETH — distributed across fresh wallets before going dormant; the stolen ETH has not moved since the day of the theft, consistent with North Korea's documented strategy of holding proceeds for months or years before executing a structured cashout (TRM)
🌉 Attack #2 — KelpDAO: $292 Million Through a Single Bridge Flaw
◆ On April 18, 2026, KelpDAO was exploited for approximately $290 million after two blockchain servers hosted by LayerZero were compromised — a token linked to the Ethereum network was drained through a forged cross-chain message; LayerZero's statement said "preliminary indicators suggest attribution to a highly sophisticated state actor, likely DPRK's Lazarus Group" (UPI)
◆ The attacker exploited the protocol's bridge contract and created unbacked tokens, then used them to borrow real assets — Cyvers described this as "exactly how this kind of exploit blows up so fast" and confirmed it became a cross-protocol contagion event affecting at least 9 protocols simultaneously; Aave V3, SparkLend, Fluid, Compound, and Euler all moved to freeze exposure (CryptoPotato)
◆ After the Arbitrum Security Council froze approximately $75 million of the stolen funds, approximately $175 million in ETH was moved through THORChain and converted to Bitcoin — the same laundering route used in the 2025 Bybit theft; THORChain processed the vast majority of proceeds from both incidents, converting hundreds of millions in stolen ETH to Bitcoin with no operator intervention (TRM)
◆ More than $13 billion was wiped from total DeFi TVL in the two days following the KelpDAO breach alone (UPI)
🦠 The New Attack Vector Nobody Saw Coming — "Mach-O Man"
◆ Lazarus Group is now running a macOS-focused campaign dubbed "Mach-O Man" targeting executives at fintech and crypto firms through routine business communications — using a social engineering technique called ClickFix, where victims are lured into fake online meetings and instructed to paste a command into their Mac terminal, granting attackers access to corporate and financial systems (CoinDesk)
◆ Mach-O Man is a modular malware kit that often erases itself before victims realize they have been compromised — "Most victims of this hack will not realize their security has been breached until the damage has been done, at which time the malware will have already erased itself," according to CertiK's senior blockchain security researcher (CoinDesk)
◆ On March 12, 2026, OFAC designated new sanctions targets tied to North Korea's IT worker program, which has evolved from operatives applying for remote jobs at crypto firms to orchestrating fake hiring processes — posing as recruiters for prominent Web3 and AI companies to harvest credentials, source code, and VPN access (Sanctions.io)
⚠️ Why Cross-Chain Bridges Remain the Highest-Value Target
◆ Cross-chain bridge vulnerabilities accounted for $351 million — nearly half — of Q2 2026's total losses; the LayerZero bridge exploit alone facilitated the KelpDAO breach (Blockchain News)
◆ Bridges hold large pools of locked assets and rely on cross-chain messaging systems that are difficult to verify — when a bridge breaks, an attacker can drain the entire reserve backing wrapped tokens across multiple chains in a single transaction, making bridges the highest-value targets in DeFi; the problem is architectural, not just implementation-specific (1inch)
◆ Mitchell Amador, CEO of bug bounty platform Immunefi, warned that advances in artificial intelligence are exacerbating these trends — describing the rise of AI-enabled hacking as a "vulnerability apocalypse," with attackers leveraging machine learning to exploit weaknesses at unprecedented scale (Crypto Economy)
🔍 The Uncomfortable Reality
Compromised accounts now account for more than 50% of all DeFi attacks by incident count — overtaking traditional smart contract exploits as the primary source of losses for the first time; by dollar value, the skew is even more pronounced (altFINS)
The pattern is consistent across every major 2026 incident: the code is not the weakest link anymore. The humans who control the keys are. A six-month social engineering campaign targeting one developer is all it takes to drain a protocol holding hundreds of millions. No audit catches that. No smart contract upgrade prevents it. The industry's security model was built for the wrong threat.
With North Korea running what amounts to a state-funded cyber operation that stole $6.75 billion in crypto since 2017 to finance weapons programs — should global crypto platforms be legally required to implement government-grade cybersecurity standards, or does that fundamentally contradict what decentralized finance is supposed to be?
#CryptoSecurity #DeFiHacks #BlockchainSecurity #LazarusGroup #Web3
ADA-0,68%
BTC-0,66%
ETH+0,20%
67
CryptoWthBilal
·
--
🚨 WSJ Report: New Questions Around the Bybit Hack According to reports cited by The Wall Street Journal, blockchain analytics firms have been tracking funds linked to the February 2025 Bybit hack, which US authorities attribute to North Korea's Lazarus Group. Reports suggest that portions of the stolen crypto may have moved through multiple wallets, stablecoins, and exchanges, with investigators examining potential links to sanctioned entities and regional crypto networks. Key Takeaways: • Lazarus Group remains under scrutiny for major crypto thefts • Blockchain investigators continue tracing fund movements • Compliance and AML controls across the industry are facing increased attention • Regulators may intensify oversight of cross-border crypto transactions The situation is still developing, and official investigations may reveal additional details over time. What do you think this means for crypto exchanges and compliance standards going forward? 👇$BTC {future}(BTCUSDT) #CryptoNews #Bybit #LazarusGroup #Blockchain #BinanceSquareBTC
🚨 WSJ Report: New Questions Around the Bybit Hack

According to reports cited by The Wall Street Journal, blockchain analytics firms have been tracking funds linked to the February 2025 Bybit hack, which US authorities attribute to North Korea's Lazarus Group.

Reports suggest that portions of the stolen crypto may have moved through multiple wallets, stablecoins, and exchanges, with investigators examining potential links to sanctioned entities and regional crypto networks.

Key Takeaways: • Lazarus Group remains under scrutiny for major crypto thefts • Blockchain investigators continue tracing fund movements • Compliance and AML controls across the industry are facing increased attention • Regulators may intensify oversight of cross-border crypto transactions

The situation is still developing, and official investigations may reveal additional details over time.

What do you think this means for crypto exchanges and compliance standards going forward? 👇$BTC
#CryptoNews #Bybit #LazarusGroup #Blockchain #BinanceSquareBTC
BTC-0,66%
ETH+0,20%
45
AfMan
·
--
🚨 REPLAY DU PLUS GROS HACK DE 2026 : Le hacker de Kelp DAO a lavé 220M$ ! 🐋 C'est le feuilleton on-chain qui secoue l'écosystème DeFi. Selon les données d'Arkham et de NS3.AI, l'attaquant derrière l'exploit massif de Kelp DAO a réussi à blanchir environ 220 millions de dollars de fonds volés au cours des 6 dernières semaines, principalement en transitant via THORChain et Umbra. Retour sur un braquage chirurgical en 3 points clés : 1️⃣ L'attaque (18 avril 2026) : Le hacker (fortement suspecté d'être lié au groupe nord-coréen Lazarus) profite d'une faille de configuration (1-of-1 DVN) sur le pont LayerZero de Kelp DAO. En orchestrant une attaque DDoS pour paralyser les nœuds RPC honnêtes, il injecte un faux message de validation et siphonne 116 500 rsETH, soit un butin de 293 millions de dollars ! 2️⃣ La contre-attaque d'Arbitrum : Le 21 avril, le Conseil de Sécurité d'Arbitrum prend une mesure d'urgence historique en gelant 71 millions de dollars (30 766 $ETH ETH) liés à l'exploit. Si cette action a sauvé une partie des meubles, elle a enflammé les débats : la DeFi est-elle vraiment décentralisée si un conseil peut bloquer vos fonds ? Pour l'instant, le sort de cet argent est entre les mains de la gouvernance des détenteurs de tokens $ARB . 3️⃣ Le dénouement juridique : L'affaire passe à la vitesse supérieure et sort de la blockchain. Une audience cruciale est attendue ce vendredi à New York pour statuer sur les revendications de propriété des fonds actuellement gelés sur Arbitrum. Ce hack rappelle cruellement que la sécurité d'un protocole ne dépend pas seulement de ses smart contracts, mais aussi des couches d'infrastructure et des validateurs tiers. Le feuilleton juridique de ce vendredi va-t-il créer un précédent pour la récupération des fonds volés en DeFi ? Donnez votre avis en commentaire ! 👇 Disclaimer : Pas un conseil financier. DYOR. $ARB #KelpDAO #LazarusGroup #DeFiHacks #Arbitrum #CryptoNews {future}(ETHUSDT)
🚨 REPLAY DU PLUS GROS HACK DE 2026 :

Le hacker de Kelp DAO a lavé 220M$ ! 🐋
C'est le feuilleton on-chain qui secoue l'écosystème DeFi.
Selon les données d'Arkham et de NS3.AI, l'attaquant derrière l'exploit massif de Kelp DAO a réussi à blanchir environ 220 millions de dollars de fonds volés au cours des 6 dernières semaines, principalement en transitant via THORChain et Umbra.
Retour sur un braquage chirurgical en 3 points clés :

1️⃣ L'attaque (18 avril 2026) :
Le hacker (fortement suspecté d'être lié au groupe nord-coréen Lazarus) profite d'une faille de configuration (1-of-1 DVN) sur le pont LayerZero de Kelp DAO. En orchestrant une attaque DDoS pour paralyser les nœuds RPC honnêtes, il injecte un faux message de validation et siphonne 116 500 rsETH, soit un butin de 293 millions de dollars !

2️⃣ La contre-attaque d'Arbitrum :
Le 21 avril, le Conseil de Sécurité d'Arbitrum prend une mesure d'urgence historique en gelant 71 millions de dollars (30 766 $ETH ETH) liés à l'exploit. Si cette action a sauvé une partie des meubles, elle a enflammé les débats : la DeFi est-elle vraiment décentralisée si un conseil peut bloquer vos fonds ? Pour l'instant, le sort de cet argent est entre les mains de la gouvernance des détenteurs de tokens $ARB .

3️⃣ Le dénouement juridique :
L'affaire passe à la vitesse supérieure et sort de la blockchain. Une audience cruciale est attendue ce vendredi à New York pour statuer sur les revendications de propriété des fonds actuellement gelés sur Arbitrum.
Ce hack rappelle cruellement que la sécurité d'un protocole ne dépend pas seulement de ses smart contracts, mais aussi des couches d'infrastructure et des validateurs tiers.
Le feuilleton juridique de ce vendredi va-t-il créer un précédent pour la récupération des fonds volés en DeFi ?
Donnez votre avis en commentaire ! 👇
Disclaimer : Pas un conseil financier. DYOR.
$ARB #KelpDAO #LazarusGroup #DeFiHacks #Arbitrum #CryptoNews
ETH+0,20%
ARB+2,02%
132
Doctor media
·
--
🚨 THE $1.5 BILLION BYBIT HEIST: CRYPTO’S BIGGEST THEFT IN HISTORY! 💥 Imagine waking up to find $1.5 BILLION in crypto vanished from one of the world’s biggest exchanges… in a single night. On February 21, 2025, hackers (widely linked to North Korea’s elite Lazarus Group) pulled off the largest crypto theft ever recorded — draining roughly 401,000 ETH from Bybit’s cold wallets. How did they do it? They didn’t smash through firewalls with brute force. Instead, they allegedly compromised a third-party developer’s workstation, slipped in malicious code, and tricked the system into approving massive unauthorized transactions. Smooth. Silent. Devastating. This wasn’t just another hack — it shattered previous records and made up a huge chunk of the $3.4 BILLION stolen across crypto in 2025 alone. North Korean state hackers reportedly pocketed over $2 BILLION that year to fund their regime. Bybit moved fast — reimbursing users from company funds — but the stolen ETH started moving through mixers and bridges almost immediately. Hundreds of millions are still unrecovered. The scary part? Even the biggest platforms with top-tier security aren’t 100% safe. One compromised employee or vendor… and billions disappear into thin air. This is why self-custody, hardware wallets, and never sharing seed phrases matter more than ever. What do you think? 👇 Biggest heist ever 🔥 (Comment BYBIT) State-sponsored danger 🇰🇵 (Comment LAZARUS) Time to go full self-custody 🛡️ (Comment SELF) Drop your thoughts — will we see even bigger hacks in 2026? #BybitHack #LazarusGroup #BinanceSquare #CryptoNews #Ethereum $ETH {future}(ETHUSDT)
🚨 THE $1.5 BILLION BYBIT HEIST: CRYPTO’S BIGGEST THEFT IN HISTORY! 💥

Imagine waking up to find $1.5 BILLION in crypto vanished from one of the world’s biggest exchanges… in a single night.
On February 21, 2025, hackers (widely linked to North Korea’s elite Lazarus Group) pulled off the largest crypto theft ever recorded — draining roughly 401,000 ETH from Bybit’s cold wallets.

How did they do it?
They didn’t smash through firewalls with brute force. Instead, they allegedly compromised a third-party developer’s workstation, slipped in malicious code, and tricked the system into approving massive unauthorized transactions. Smooth. Silent. Devastating.

This wasn’t just another hack — it shattered previous records and made up a huge chunk of the $3.4 BILLION stolen across crypto in 2025 alone. North Korean state hackers reportedly pocketed over $2 BILLION that year to fund their regime.
Bybit moved fast — reimbursing users from company funds — but the stolen ETH started moving through mixers and bridges almost immediately. Hundreds of millions are still unrecovered.

The scary part?
Even the biggest platforms with top-tier security aren’t 100% safe. One compromised employee or vendor… and billions disappear into thin air.
This is why self-custody, hardware wallets, and never sharing seed phrases matter more than ever.

What do you think? 👇
Biggest heist ever 🔥 (Comment BYBIT)
State-sponsored danger 🇰🇵 (Comment LAZARUS)
Time to go full self-custody 🛡️ (Comment SELF)
Drop your thoughts — will we see even bigger hacks in 2026?

#BybitHack #LazarusGroup #BinanceSquare #CryptoNews #Ethereum
$ETH
ETH+0,20%
1
38
Merlene Conelli ng3o
·
--
Artículo
​🛡️ DeFi-апокаліпсис квітня 2026: Чому збитки у $800 млн — це лише частина проблеми?​Квітень 2026 року офіційно став «найкривавішим» місяцем для криптоіндустрії. Сукупні збитки з початку року вже перевищили $800 мільйонів, і майже весь цей об’єм припадає на останні 30 днів. ​Ми спостерігаємо не просто серію зломів, а системну кризу безпеки інфраструктури та комунікацій. ​📉 Хроніка квітня: Гіганти та їхні помилки ​Основний удар нанесли інциденти з величезним капіталом, де за атаками простежується почерк Lazarus Group: ​Kelp DAO ($292 млн): Критична вразливість «1-of-1 verifier» у мосту LayerZero.​Drift Protocol ($285 млн): Наслідки складної операції соціальної інженерії проти Solana-DEX. ​На цьому фоні менші проєкти стали наочними посібниками з помилок: ​Grinex ($13,74 млн): Біржа в ауті з середини місяця.​Volo Protocol ($3,5 млн): Експлуатація сховищ на Sui.​CoW Swap ($1,2 млн): Класичнa атака на інтерфейс. ​⚠️ Wasabi Protocol: Таємницю розкрито (UPD: $5 млн+) ​Після тривожного мовчання ситуація з Wasabi нарешті прояснилася. Станом на 30 квітня підтверджено збитки понад $5 млн на Ethereum та Arbitrum. Причина — баг у валідації підписів, що дозволив провести Replay Attack. ​🧠 Головний урок Wasabi: Коли «довіра» стає вразливістю ​Інцидент із Wasabi — це не просто черговий баг, а жорстке нагадування про три системні проблеми: ​Ілюзія безпечних підписів: Ми звикли вважати підпис транзакції захищеним, але якщо контракт не вміє відрізняти старий дозвіл від нового, ваші кошти стають власністю хакера.​Пастка Unlimited Approvals: Користувачі продовжують надавати протоколам необмежені права. Саме ці «сплячі» дозволи дозволили зловмиснику маніпулювати чужими активами.​Криза комунікації: Тривала пауза від команди без офіційного post-mortem — це неприпустимо у 2026 році. Інформаційний вакуум спалює довіру швидше, ніж хакер — ліквідність. ​🧩 Висновок: Ми знову не вчимося? ​Хакери змістили фокус із пошуку помилок у коді на інфраструктуру: DNS, RPC-вузли та адмін-ключі. Кожен звіт пише про одні й ті самі уроки, але наступна атака зазвичай стається за тією ж схемою ще до того, як індустрія впроваджує захист. ​#DeFi #WasabiProtocol #CryptoSecurity #BinanceSquare #Web3Safety #LazarusGroup #BlockchainSecurity

​🛡️ DeFi-апокаліпсис квітня 2026: Чому збитки у $800 млн — це лише частина проблеми?

​Квітень 2026 року офіційно став «найкривавішим» місяцем для криптоіндустрії. Сукупні збитки з початку року вже перевищили $800 мільйонів, і майже весь цей об’єм припадає на останні 30 днів.
​Ми спостерігаємо не просто серію зломів, а системну кризу безпеки інфраструктури та комунікацій.
​📉 Хроніка квітня: Гіганти та їхні помилки
​Основний удар нанесли інциденти з величезним капіталом, де за атаками простежується почерк Lazarus Group:
​Kelp DAO ($292 млн): Критична вразливість «1-of-1 verifier» у мосту LayerZero.​Drift Protocol ($285 млн): Наслідки складної операції соціальної інженерії проти Solana-DEX.
​На цьому фоні менші проєкти стали наочними посібниками з помилок:
​Grinex ($13,74 млн): Біржа в ауті з середини місяця.​Volo Protocol ($3,5 млн): Експлуатація сховищ на Sui.​CoW Swap ($1,2 млн): Класичнa атака на інтерфейс.
​⚠️ Wasabi Protocol: Таємницю розкрито (UPD: $5 млн+)
​Після тривожного мовчання ситуація з Wasabi нарешті прояснилася. Станом на 30 квітня підтверджено збитки понад $5 млн на Ethereum та Arbitrum. Причина — баг у валідації підписів, що дозволив провести Replay Attack.
​🧠 Головний урок Wasabi: Коли «довіра» стає вразливістю
​Інцидент із Wasabi — це не просто черговий баг, а жорстке нагадування про три системні проблеми:
​Ілюзія безпечних підписів: Ми звикли вважати підпис транзакції захищеним, але якщо контракт не вміє відрізняти старий дозвіл від нового, ваші кошти стають власністю хакера.​Пастка Unlimited Approvals: Користувачі продовжують надавати протоколам необмежені права. Саме ці «сплячі» дозволи дозволили зловмиснику маніпулювати чужими активами.​Криза комунікації: Тривала пауза від команди без офіційного post-mortem — це неприпустимо у 2026 році. Інформаційний вакуум спалює довіру швидше, ніж хакер — ліквідність.
​🧩 Висновок: Ми знову не вчимося?
​Хакери змістили фокус із пошуку помилок у коді на інфраструктуру: DNS, RPC-вузли та адмін-ключі. Кожен звіт пише про одні й ті самі уроки, але наступна атака зазвичай стається за тією ж схемою ще до того, як індустрія впроваджує захист.
​#DeFi #WasabiProtocol #CryptoSecurity #BinanceSquare #Web3Safety #LazarusGroup #BlockchainSecurity
7
487
Smiler030
·
--
​🚨 Security Alert: Record increase in cyber attacks on DeFi platforms ​A big shock for the crypto world! According to reports, operators linked to North Korea have stolen more than $500 million from DeFi platforms in less than three weeks. Their total crypto hacking has now reached an estimated $6.75 billion. ⚠️💸 ​Recent major hacks (Exploits): ​KelpDAO (April 18): Loss of about $290 million. According to forensic analysis, the Lazarus Group's 'TraderTraitor' group is behind it. ​Drift Protocol (April 1): Loss of about $286 million. According to Elliptic reports, the patterns of this hack are exactly the same as previous attacks by the DPRK (North Korea). ​Horrifying revelation: The 'Ketman Project' has revealed that nearly 100 North Korean operators are working inside various blockchain companies to carry out secret hacking. ​Important advice for investors: ​Keep your wallets safe: Use only reputable and audited DeFi protocols. ​Unusual activity: If you are investing in a project, be sure to check its security team and recent audit reports. ​Large holdings: Don't keep all your digital wealth on a single DeFi platform. ​This news is a reminder that security should be the top priority in the blockchain world. What do you think about these attacks? Should DeFi platforms adopt more stringent security protocols? Let us know your thoughts in the comments! 👇 ​Follow me for more market alerts and security updates! $BSB $ON $UAI ​#DeFi #CryptoSecurity #LazarusGroup BlockchainNews CryptoMarket DigitalAssets #cyberattack
​🚨 Security Alert: Record increase in cyber attacks on DeFi platforms

​A big shock for the crypto world! According to reports, operators linked to North Korea have stolen more than $500 million from DeFi platforms in less than three weeks. Their total crypto hacking has now reached an estimated $6.75 billion. ⚠️💸

​Recent major hacks (Exploits):

​KelpDAO (April 18): Loss of about $290 million. According to forensic analysis, the Lazarus Group's 'TraderTraitor' group is behind it.

​Drift Protocol (April 1): Loss of about $286 million. According to Elliptic reports, the patterns of this hack are exactly the same as previous attacks by the DPRK (North Korea).

​Horrifying revelation:

The 'Ketman Project' has revealed that nearly 100 North Korean operators are working inside various blockchain companies to carry out secret hacking.

​Important advice for investors:

​Keep your wallets safe: Use only reputable and audited DeFi protocols.

​Unusual activity: If you are investing in a project, be sure to check its security team and recent audit reports.

​Large holdings: Don't keep all your digital wealth on a single DeFi platform.

​This news is a reminder that security should be the top priority in the blockchain world. What do you think about these attacks? Should DeFi platforms adopt more stringent security protocols? Let us know your thoughts in the comments! 👇

​Follow me for more market alerts and security updates!

$BSB $ON $UAI

#DeFi #CryptoSecurity #LazarusGroup BlockchainNews CryptoMarket DigitalAssets #cyberattack
BSB+0,37%
ON-2,40%
UAI-3,24%
269
Analisa Amara
·
--
Artículo
Mengenal Lazarus Group, "Militer Siber" di Balik Pencurian Kripto Terbesar Dunia​Halo, Warga Binance Square! ​Melanjutkan laporan kita tentang lonjakan serangan siber sebesar 1.140% di bulan April 2026, muncul satu nama yang terus mendominasi berita utama: Lazarus Group. ​Namun, siapakah mereka sebenarnya? Mengapa mereka begitu terobsesi dengan DeFi? Dan untuk siapa mereka bekerja? Mari kita bedah tuntas profil kelompok peretas yang kini menyumbang 76% kerugian siber global tahun ini. ​1. Siapa Kelompok Lazarus? ​Lazarus Group (juga dikenal sebagai APT38) bukanlah sekelompok peretas amatir yang bekerja dari ruang bawah tanah. Mereka adalah unit elit siber yang sangat terorganisir dan memiliki pelatihan tingkat militer. ​Dunia pertama kali mengenal mereka secara luas melalui serangan terhadap Sony Pictures tahun 2014. Namun, sejak saat itu, mereka telah berevolusi menjadi mesin pencuri uang digital yang sangat canggih, menargetkan institusi keuangan dan protokol kripto dengan presisi yang mematikan. ​2. Apa Motif di Balik Serangan Mereka? ​Berbeda dengan kelompok peretas dari negara lain yang biasanya mencuri informasi untuk spionase politik, Lazarus memiliki satu motif utama: UANG. Pendanaan Negara: Mereka bertindak sebagai instrumen pencari dana keras (hard currency) bagi negara yang sedang diisolasi secara ekonomi oleh sanksi internasional.Target Ekosistem Kripto: Lazarus memilih sektor kripto karena sifatnya yang tanpa batas dan relatif lebih mudah dikonversi dibandingkan sistem perbankan tradisional. Kasus eksploitasi Kelp DAO dan Drift Protocol baru-baru ini menjadi bukti bahwa mereka hanya mengincar "ikan besar" dengan hasil curian ratusan juta dolar. ​3. Untuk Siapa Mereka Bekerja? ​Analisis forensik digital dan laporan intelijen global (termasuk dari PBB dan FBI) telah mengonfirmasi bahwa Lazarus Group bekerja secara langsung untuk pemerintah Korea Utara. ​Mereka berada di bawah kendali Biro Umum Pengintaian (RGB), badan intelijen militer utama negara tersebut. Anggota kelompok ini adalah individu-individu terpilih yang dididik secara khusus dalam ilmu komputer sejak kecil. Operasi mereka sering kali dijalankan dari berbagai belahan dunia untuk menyamarkan jejak geografis dan menghindari pelacakan. ​Pelajaran bagi Investor Kripto ​Melihat fakta bahwa musuh yang kita hadapi di jaringan adalah organisasi tingkat negara, langkah keamanan tidak bisa lagi dilakukan dengan setengah hati. ​Kesabaran Predator: Lazarus dikenal sangat sabar. Mereka bisa mengintai sebuah protokol selama berbulan-bulan sebelum melakukan serangan.​Pesan Keamanan: Jika Anda adalah pemegang aset jangka panjang (target 2031), menyimpan aset di dompet panas (hot wallet) yang terhubung internet sangatlah berisiko. Gunakan Hardware Wallet dan pantau terus izin smart contract Anda. ​Kesimpulan: Dunia kripto adalah kebebasan, namun kebebasan tanpa keamanan adalah kerentanan. Dengan mengenal siapa lawan kita, kita bisa membangun pertahanan yang lebih kuat. ​Bagaimana menurut kalian? Apakah regulasi keamanan siber saat ini sudah cukup untuk membendung serangan berskala negara seperti Lazarus? Mari berdiskusi! ​#CryptoSecurity #LazarusGroup #CyberInvestigation #BinanceSquareIndonesia #SafetyFirst2026 $BTC {spot}(BTCUSDT) $PEPE {spot}(PEPEUSDT)

Mengenal Lazarus Group, "Militer Siber" di Balik Pencurian Kripto Terbesar Dunia

​Halo, Warga Binance Square!
​Melanjutkan laporan kita tentang lonjakan serangan siber sebesar 1.140% di bulan April 2026, muncul satu nama yang terus mendominasi berita utama: Lazarus Group.
​Namun, siapakah mereka sebenarnya? Mengapa mereka begitu terobsesi dengan DeFi? Dan untuk siapa mereka bekerja? Mari kita bedah tuntas profil kelompok peretas yang kini menyumbang 76% kerugian siber global tahun ini.
​1. Siapa Kelompok Lazarus?
​Lazarus Group (juga dikenal sebagai APT38) bukanlah sekelompok peretas amatir yang bekerja dari ruang bawah tanah. Mereka adalah unit elit siber yang sangat terorganisir dan memiliki pelatihan tingkat militer.
​Dunia pertama kali mengenal mereka secara luas melalui serangan terhadap Sony Pictures tahun 2014. Namun, sejak saat itu, mereka telah berevolusi menjadi mesin pencuri uang digital yang sangat canggih, menargetkan institusi keuangan dan protokol kripto dengan presisi yang mematikan.
​2. Apa Motif di Balik Serangan Mereka?
​Berbeda dengan kelompok peretas dari negara lain yang biasanya mencuri informasi untuk spionase politik, Lazarus memiliki satu motif utama: UANG.
Pendanaan Negara: Mereka bertindak sebagai instrumen pencari dana keras (hard currency) bagi negara yang sedang diisolasi secara ekonomi oleh sanksi internasional.Target Ekosistem Kripto: Lazarus memilih sektor kripto karena sifatnya yang tanpa batas dan relatif lebih mudah dikonversi dibandingkan sistem perbankan tradisional. Kasus eksploitasi Kelp DAO dan Drift Protocol baru-baru ini menjadi bukti bahwa mereka hanya mengincar "ikan besar" dengan hasil curian ratusan juta dolar.
​3. Untuk Siapa Mereka Bekerja?
​Analisis forensik digital dan laporan intelijen global (termasuk dari PBB dan FBI) telah mengonfirmasi bahwa Lazarus Group bekerja secara langsung untuk pemerintah Korea Utara.
​Mereka berada di bawah kendali Biro Umum Pengintaian (RGB), badan intelijen militer utama negara tersebut. Anggota kelompok ini adalah individu-individu terpilih yang dididik secara khusus dalam ilmu komputer sejak kecil. Operasi mereka sering kali dijalankan dari berbagai belahan dunia untuk menyamarkan jejak geografis dan menghindari pelacakan.
​Pelajaran bagi Investor Kripto
​Melihat fakta bahwa musuh yang kita hadapi di jaringan adalah organisasi tingkat negara, langkah keamanan tidak bisa lagi dilakukan dengan setengah hati.
​Kesabaran Predator: Lazarus dikenal sangat sabar. Mereka bisa mengintai sebuah protokol selama berbulan-bulan sebelum melakukan serangan.​Pesan Keamanan: Jika Anda adalah pemegang aset jangka panjang (target 2031), menyimpan aset di dompet panas (hot wallet) yang terhubung internet sangatlah berisiko. Gunakan Hardware Wallet dan pantau terus izin smart contract Anda.
​Kesimpulan:
Dunia kripto adalah kebebasan, namun kebebasan tanpa keamanan adalah kerentanan. Dengan mengenal siapa lawan kita, kita bisa membangun pertahanan yang lebih kuat.
​Bagaimana menurut kalian? Apakah regulasi keamanan siber saat ini sudah cukup untuk membendung serangan berskala negara seperti Lazarus? Mari berdiskusi!
#CryptoSecurity #LazarusGroup #CyberInvestigation #BinanceSquareIndonesia #SafetyFirst2026
$BTC
$PEPE
BTC-0,66%
PEPE-1,26%
1
194
TheHolyCoins
·
--
Arkham Intelligence published a report examining Lazarus Group’s crypto laundering network and operational tactics between 2017 and 2026. According to the research, Lazarus-linked actors were tied to more than $6 billion in stolen cryptocurrency across exchange breaches, ransomware campaigns, bridge exploits, and decentralized finance attacks. Arkham said North Korean-linked actors accounted for more than 70% of crypto exploit losses recorded so far in 2026. The report described how Lazarus allegedly moves stolen assets through cross-chain bridges, mixers, centralized exchanges, OTC brokers, and fragmented wallet activity to complicate blockchain tracing efforts. THORChain was identified as a frequently used bridge for converting stolen assets into Bitcoin. Arkham also referenced mixers including Sinbad.io and YoMix, along with Russian exchanges and Chinese OTC brokers involved in cash-out activity. The research examined the April 2026 Drift Protocol ($DRIFT ) exploit, where attackers allegedly spent months building trust with employees through conferences, deposits exceeding $1 million, and fake partnership activity. Arkham said Lazarus later used pre-authorized Solana transactions to drain about $285 million from the protocol. The report also covered the February 2026 KelpDAO exploit. According to Arkham, attackers compromised LayerZero RPC nodes and forged cross-chain messages, allowing the withdrawal of 116,500 $rsETH valued at about $292 million. Arkham concluded that Lazarus continues adapting its laundering methods and attack strategies as blockchain tracing systems become more advanced. #arkham #DRIFT #KelpDAO #LazarusGroup #Lazarus
Arkham Intelligence published a report examining Lazarus Group’s crypto laundering network and operational tactics between 2017 and 2026.
According to the research, Lazarus-linked actors were tied to more than $6 billion in stolen cryptocurrency across exchange breaches, ransomware campaigns, bridge exploits, and decentralized finance attacks.
Arkham said North Korean-linked actors accounted for more than 70% of crypto exploit losses recorded so far in 2026.
The report described how Lazarus allegedly moves stolen assets through cross-chain bridges, mixers, centralized exchanges, OTC brokers, and fragmented wallet activity to complicate blockchain tracing efforts.
THORChain was identified as a frequently used bridge for converting stolen assets into Bitcoin. Arkham also referenced mixers including Sinbad.io and YoMix, along with Russian exchanges and Chinese OTC brokers involved in cash-out activity.
The research examined the April 2026 Drift Protocol ($DRIFT ) exploit, where attackers allegedly spent months building trust with employees through conferences, deposits exceeding $1 million, and fake partnership activity. Arkham said Lazarus later used pre-authorized Solana transactions to drain about $285 million from the protocol.
The report also covered the February 2026 KelpDAO exploit. According to Arkham, attackers compromised LayerZero RPC nodes and forged cross-chain messages, allowing the withdrawal of 116,500 $rsETH valued at about $292 million.
Arkham concluded that Lazarus continues adapting its laundering methods and attack strategies as blockchain tracing systems become more advanced.

#arkham #DRIFT #KelpDAO #LazarusGroup #Lazarus
ARKM0,00%
DRIFT+3,56%
422
Trader Queen92
·
--
🚨 DEFI EMERGENCY: The $292M Kelp DAO Exploit Explained! The Attack: A massive breach allowed hackers to mint 116,500 rsETH out of thin air. The Culprit: Initial reports link the attack to the Lazarus Group (North Korea). Contagion: Over 15 protocols (including Ethena and TRON DAO) have frozen their bridges to stop the bleeding. Stay Safe: If you hold rsETH, check your wallet immediately. Aave has already frozen these markets to protect users. 👉 Do follow for the latest DeFi security patches and safety tips! #KelpDAOFacesAttack #DeFiExploit #Web3Security #ETH #LazarusGroup $
🚨 DEFI EMERGENCY: The $292M Kelp DAO Exploit Explained!

The Attack: A massive breach allowed hackers to mint 116,500 rsETH out of thin air.

The Culprit: Initial reports link the attack to the Lazarus Group (North Korea).

Contagion: Over 15 protocols (including Ethena and TRON DAO) have frozen their bridges to stop the bleeding.

Stay Safe: If you hold rsETH, check your wallet immediately. Aave has already frozen these markets to protect users.

👉 Do follow for the latest DeFi security patches and safety tips!

#KelpDAOFacesAttack #DeFiExploit #Web3Security #ETH #LazarusGroup $
ETH+0,20%
105
华尔街在逃韭菜
·
--
微策终究还是超越了贝莱德,坐稳了全球持仓量的头把交椅;同时KelpDAO那1.75亿美金的被盗资金也开始异动,背后直指北边邻居。 塞勒这波是真硬,凭一己之力在规模上盖过了全球最大的资管巨头,这说明企业储备资产的叙事已经跑赢了ETF通道。宏观上看,筹码进一步向顶级意志集中,长线逻辑依然稳健。但这1.75亿美金的黑钱动向就像个情绪苍蝇,虽然实际抛压对大盘冲击有限,但“北边黑客”这四个字一出,总能让短线流动性紧一紧。一边是顶级合规明牌增持,一边是顶级黑产暗戳戳变现,这味儿太正了,妥妥的币圈魔幻现实主义。你们觉得塞勒这波能领跑多久? #MicroStrategy #BlackRock #KelpDAO #LazarusGroup $BTC $MSTR {future}(MSTRUSDT) {future}(BTCUSDT)
微策终究还是超越了贝莱德,坐稳了全球持仓量的头把交椅;同时KelpDAO那1.75亿美金的被盗资金也开始异动,背后直指北边邻居。
塞勒这波是真硬,凭一己之力在规模上盖过了全球最大的资管巨头,这说明企业储备资产的叙事已经跑赢了ETF通道。宏观上看,筹码进一步向顶级意志集中,长线逻辑依然稳健。但这1.75亿美金的黑钱动向就像个情绪苍蝇,虽然实际抛压对大盘冲击有限,但“北边黑客”这四个字一出,总能让短线流动性紧一紧。一边是顶级合规明牌增持,一边是顶级黑产暗戳戳变现,这味儿太正了,妥妥的币圈魔幻现实主义。你们觉得塞勒这波能领跑多久? #MicroStrategy #BlackRock #KelpDAO #LazarusGroup $BTC $MSTR
BTC-0,66%
MSTR-1,20%
400
Jim21
·
--
Alerta de Seguridad: El Grupo Lazarus golpea de nuevo con un robo de $290M ​El ecosistema cripto enfrenta su mayor desafío en lo que va de 2026. El reconocido grupo de hackers norcoreanos, Lazarus, es el principal sospechoso del masivo ataque sufrido este fin de semana contra la plataforma de inversión KelpDAO. ​Aquí los detalles clave de lo ocurrido: ​El Botín: Aproximadamente $290 millones de dólares en tokens vinculados a Ethereum. ​El Método: Fueron comprometidos dos servidores alojados a través de la aplicación LayerZero, permitiendo la extracción de los activos el pasado 18 de abril. ​El Impacto: Se consolida como el ciberataque de criptomonedas más grande registrado en 2026 hasta la fecha. ​🛡️ ¿Por qué es relevante? ​Expertos como Henri Arslanian (Nine Blocks Capital Management) señalan que la sofisticación del ataque apunta directamente a capacidades estatales. Según informes de la ONU, estos fondos sustraídos tienen un objetivo crítico y alarmante: financiar el programa de desarrollo de armas nucleares de Corea del Norte. ​Desde 2017, se estima que este grupo ha sustraído más de $3,000 millones de dólares en activos digitales. ​Afortunadamente, LayerZero ha comunicado que no hay contagio hacia otros activos o aplicaciones de su red, pero el incidente reabre el debate sobre la seguridad en protocolos de interoperabilidad y almacenamiento. ​Mantén tus activos seguros y siempre verifica los protocolos donde operas. 🔒 ​#LazarusGroup #CryptoSecurity2025 #KelpDAO #Ethereum #SeguridadCripto $ETH $BTC $BNB {future}(ETHUSDT) {future}(BTCUSDT) {future}(BNBUSDT)
Alerta de Seguridad: El Grupo Lazarus golpea de nuevo con un robo de $290M

​El ecosistema cripto enfrenta su mayor desafío en lo que va de 2026. El reconocido grupo de hackers norcoreanos, Lazarus, es el principal sospechoso del masivo ataque sufrido este fin de semana contra la plataforma de inversión KelpDAO.

​Aquí los detalles clave de lo ocurrido:

​El Botín: Aproximadamente $290 millones de dólares en tokens vinculados a Ethereum.

​El Método: Fueron comprometidos dos servidores alojados a través de la aplicación LayerZero, permitiendo la extracción de los activos el pasado 18 de abril.

​El Impacto: Se consolida como el ciberataque de criptomonedas más grande registrado en 2026 hasta la fecha.

​🛡️ ¿Por qué es relevante?

​Expertos como Henri Arslanian (Nine Blocks Capital Management) señalan que la sofisticación del ataque apunta directamente a capacidades estatales. Según informes de la ONU, estos fondos sustraídos tienen un objetivo crítico y alarmante: financiar el programa de desarrollo de armas nucleares de Corea del Norte.

​Desde 2017, se estima que este grupo ha sustraído más de $3,000 millones de dólares en activos digitales.

​Afortunadamente, LayerZero ha comunicado que no hay contagio hacia otros activos o aplicaciones de su red, pero el incidente reabre el debate sobre la seguridad en protocolos de interoperabilidad y almacenamiento.

​Mantén tus activos seguros y siempre verifica los protocolos donde operas. 🔒

#LazarusGroup #CryptoSecurity2025 #KelpDAO #Ethereum #SeguridadCripto

$ETH $BTC $BNB
BNB-1,06%
BTC-0,66%
ETH+0,20%
1
131
txhao
·
--
Artículo
$606 Million Stolen in 18 Days. April 2026 Is Already the Worst Month for Crypto Hacks Since Bybit.While markets were watching $79,000 and the Iran ceasefire, something else happened in April that deserves serious attention.Crypto protocols lost over $606 million to hacks in just 18 days of April 2026, making it the worst month since February 2025's Bybit breach. The entire first quarter of 2026 saw $165.5 million in losses across a relatively quiet stretch. April's $606 million total arrived in under three weeks, making the month 3.7 times larger than Q1 combined and pushing 2026's year-to-date theft total to approximately $771.8 million across 47 separate incidents. Two exploits account for nearly all of it. The $285 million Drift Protocol attack on April 1, later attributed to North Korea's Lazarus Group, and the $292 million KelpDAO breach on April 18, also linked to Lazarus, together represent roughly 95% of the month's losses and approximately 75% of everything stolen in crypto in 2026 so far. The same state-sponsored hacking group behind both attacks. Different protocols. Different chains. Different vulnerability types. Same attacker.Beyond the dollar totals, the pace of attacks is accelerating in a way that concerns security researchers as much as the individual incident sizes. DeFi recorded 47 separate incidents in the first four and a half months of 2026, compared with 28 over the same period in 2025, a 68% year-over-year increase in attack frequency. The diversification of attack vectors means that technical audits and code reviews alone are no longer sufficient protection for protocols with significant TVL. This is the part that most coverage misses. It's not just the dollar amounts. It's the shift in how protocols are being attacked. April's exploits cut across smart contract vulnerabilities, infrastructure attacks, and social engineering campaigns, including AI-driven attacks on wallets like Zerion. As crypto's cumulative hack losses have crossed $17 billion over the past decade, attackers are increasingly pivoting away from smart contract bugs toward private keys, signing infrastructure, and human-layer social engineering. AI-driven social engineering attacks. That's new and it's serious. As protocols hardened their smart contract code through multiple audits, sophisticated attackers evolved to target the humans operating the infrastructure — developers with admin keys, bridge operators, multisig signers.Jefferies has warned the string of marquee hacks could temporarily slow Wall Street's appetite for DeFi tokenization projects. PowerDrillThis is where the institutional story intersects with the security story. BlackRock, Morgan Stanley, Stripe — they're all building infrastructure on or adjacent to DeFi rails. If $600M+ can be stolen in 18 days from protocols that were considered secure, institutional risk departments need new frameworks before they commit more capital."DeFi remains a niche market until risk can be properly priced," one analyst wrote. That's the honest state of things. The technology is powerful. The security model isn't mature enough for the capital it's trying to hold. Both things are true simultaneously. #CryptoHacks #DeFiSecurity #LazarusGroup #KelpDAO #CryptoSecurity

$606 Million Stolen in 18 Days. April 2026 Is Already the Worst Month for Crypto Hacks Since Bybit.

While markets were watching $79,000 and the Iran ceasefire, something else happened in April that deserves serious attention.Crypto protocols lost over $606 million to hacks in just 18 days of April 2026, making it the worst month since February 2025's Bybit breach. The entire first quarter of 2026 saw $165.5 million in losses across a relatively quiet stretch. April's $606 million total arrived in under three weeks, making the month 3.7 times larger than Q1 combined and pushing 2026's year-to-date theft total to approximately $771.8 million across 47 separate incidents.
Two exploits account for nearly all of it. The $285 million Drift Protocol attack on April 1, later attributed to North Korea's Lazarus Group, and the $292 million KelpDAO breach on April 18, also linked to Lazarus, together represent roughly 95% of the month's losses and approximately 75% of everything stolen in crypto in 2026 so far.
The same state-sponsored hacking group behind both attacks. Different protocols. Different chains. Different vulnerability types. Same attacker.Beyond the dollar totals, the pace of attacks is accelerating in a way that concerns security researchers as much as the individual incident sizes. DeFi recorded 47 separate incidents in the first four and a half months of 2026, compared with 28 over the same period in 2025, a 68% year-over-year increase in attack frequency. The diversification of attack vectors means that technical audits and code reviews alone are no longer sufficient protection for protocols with significant TVL.
This is the part that most coverage misses. It's not just the dollar amounts. It's the shift in how protocols are being attacked. April's exploits cut across smart contract vulnerabilities, infrastructure attacks, and social engineering campaigns, including AI-driven attacks on wallets like Zerion. As crypto's cumulative hack losses have crossed $17 billion over the past decade, attackers are increasingly pivoting away from smart contract bugs toward private keys, signing infrastructure, and human-layer social engineering.
AI-driven social engineering attacks. That's new and it's serious. As protocols hardened their smart contract code through multiple audits, sophisticated attackers evolved to target the humans operating the infrastructure — developers with admin keys, bridge operators, multisig signers.Jefferies has warned the string of marquee hacks could temporarily slow Wall Street's appetite for DeFi tokenization projects. PowerDrillThis is where the institutional story intersects with the security story. BlackRock, Morgan Stanley, Stripe — they're all building infrastructure on or adjacent to DeFi rails. If $600M+ can be stolen in 18 days from protocols that were considered secure, institutional risk departments need new frameworks before they commit more capital."DeFi remains a niche market until risk can be properly priced," one analyst wrote.
That's the honest state of things. The technology is powerful. The security model isn't mature enough for the capital it's trying to hold. Both things are true simultaneously.
#CryptoHacks #DeFiSecurity #LazarusGroup #KelpDAO #CryptoSecurity
BTC-0,66%
1
279
bulbul__hussain
·
--
🚨 Major Legal Precedent for DAOs 🚨 A New York federal court has ordered Arbitrum DAO to freeze $71M in ETH seized from the recent Kelp DAO hack. The twist? The money isn't going back to the hack victims yet. Instead, victims of North Korean state terrorism are claiming it to settle a massive 2015 judgment against Pyongyang. ⚖️ Key Takeaways: 🔹 Lazarus Group Link: The funds are tied to North Korean hackers, making them a target for legal garnishment. 🔹 DAO as a "Partnership": The court is treating Arbitrum DAO as a liable entity, warning that Security Council members could face personal liability if they move the ETH. 🔹 Compensation Clash: Plans by Aave & Kelp DAO to refund exploit victims are now stalled by this US court order. This case marks a major shift in how US courts interact with "decentralized" governance. Is "Code is Law" officially meeting its match in federal court? #Arbitrum #KelpDAO #DeFi #CryptoNews #LazarusGroup #Ethereum $BTC {future}(BTCUSDT) $ETH {future}(ETHUSDT) $BNB {future}(BNBUSDT)
🚨 Major Legal Precedent for DAOs 🚨
A New York federal court has ordered Arbitrum DAO to freeze $71M in ETH seized from the recent Kelp DAO hack.
The twist? The money isn't going back to the hack victims yet. Instead, victims of North Korean state terrorism are claiming it to settle a massive 2015 judgment against Pyongyang. ⚖️
Key Takeaways:
🔹 Lazarus Group Link: The funds are tied to North Korean hackers, making them a target for legal garnishment.
🔹 DAO as a "Partnership": The court is treating Arbitrum DAO as a liable entity, warning that Security Council members could face personal liability if they move the ETH.
🔹 Compensation Clash: Plans by Aave & Kelp DAO to refund exploit victims are now stalled by this US court order.
This case marks a major shift in how US courts interact with "decentralized" governance. Is "Code is Law" officially meeting its match in federal court?
#Arbitrum #KelpDAO #DeFi #CryptoNews #LazarusGroup #Ethereum
$BTC
$ETH
$BNB
AAVE-1,84%
ETH+0,20%
ARB+2,02%
170
TradewithAbeer
·
--
🚨 Kelp DAO: The $292M Shadow Attack Unveiled! 📉⚔️ The full post-mortem on the Kelp DAO ($rs$ETH ) exploit is in, and it’s being called the most sophisticated "infrastructure poisoning" in DeFi history. On April 18, 2026, the Lazarus Group (TraderTraitor sub-group) successfully bypassed on-chain security by attacking the "plumbing" of the network. 📊 The "Heist" Final Count Total Drain: 116,500 rsETH (~$292 Million) released in a single block. Intercepted: 40,000 rsETH (~$95 Million) second attempt BLOCKED by Kelp’s emergency pause. Recovered: ~30,766 ETH (~$71 Million) frozen by the Arbitrum Security Council. Market Shock: Aave TVL plummeted $8 Billion as utilization hit 100% during the panic. 🔍 The "Invisible" Hack: The 1-of-1 Trap: Kelp relied on a single LayerZero verifier. Lazarus didn't hack the code; they isolated the verifier in a "data echo chamber." RPC Poisoning: The attackers compromised two internal RPC nodes and launched a massive DDoS attack on all external backups. The Phantom Burn: The verifier was fed fake data showing rsETH had been burned on a source chain. It "verified" a lie, and the Ethereum contract released the funds perfectly legally. Self-Destructing Malware: The malicious code wiped all logs and binaries from the infected nodes the moment the drain was complete. 📈 Current Market Recovery: $rsETH Peg: The token is under-collateralized on 20+ chains. Kelp is working on a recovery contract to buy back and burn supply using recovered and treasury funds. Institutional Shift: This hack is the "smoking gun" for the CLARITY Act in the Senate, with Coinbase and others reaching deals to mandate multi-verifier security standards. The "Lazarus" Loop: The attacker deposited stolen funds into Aave as collateral to borrow $195M in WETH, creating a massive debt scenario that the community is now unwinding. #KelpDAO #rsETH #LazarusGroup #DeFiSecurity #Aave #Arbitrum #BinanceSquare #CryptoNews2026 {future}(ETHUSDT)
🚨 Kelp DAO: The $292M Shadow Attack Unveiled! 📉⚔️

The full post-mortem on the Kelp DAO ($rs$ETH ) exploit is in, and it’s being called the most sophisticated "infrastructure poisoning" in DeFi history. On April 18, 2026, the Lazarus Group (TraderTraitor sub-group) successfully bypassed on-chain security by attacking the "plumbing" of the network.

📊 The "Heist" Final Count

Total Drain: 116,500 rsETH (~$292 Million) released in a single block.

Intercepted: 40,000 rsETH (~$95 Million) second attempt BLOCKED by Kelp’s emergency pause.

Recovered: ~30,766 ETH (~$71 Million) frozen by the Arbitrum Security Council.

Market Shock: Aave TVL plummeted $8 Billion as utilization hit 100% during the panic.

🔍 The "Invisible" Hack:

The 1-of-1 Trap: Kelp relied on a single LayerZero verifier. Lazarus didn't hack the code; they isolated the verifier in a "data echo chamber."

RPC Poisoning: The attackers compromised two internal RPC nodes and launched a massive DDoS attack on all external backups.

The Phantom Burn: The verifier was fed fake data showing rsETH had been burned on a source chain. It "verified" a lie, and the Ethereum contract released the funds perfectly legally.

Self-Destructing Malware: The malicious code wiped all logs and binaries from the infected nodes the moment the drain was complete.

📈 Current Market Recovery:

$rsETH Peg: The token is under-collateralized on 20+ chains. Kelp is working on a recovery contract to buy back and burn supply using recovered and treasury funds.

Institutional Shift: This hack is the "smoking gun" for the CLARITY Act in the Senate, with Coinbase and others reaching deals to mandate multi-verifier security standards.

The "Lazarus" Loop: The attacker deposited stolen funds into Aave as collateral to borrow $195M in WETH, creating a massive debt scenario that the community is now unwinding.

#KelpDAO #rsETH #LazarusGroup #DeFiSecurity #Aave #Arbitrum #BinanceSquare #CryptoNews2026
AAVE-1,84%
BTC-0,66%
ETH+0,20%
112
Analisa Amara
·
--
Artículo
Waspada! Serangan Siber Kripto April 2026 Melonjak 1.140%: Ancaman Nyata Kelompok LazarusHalo, Warga Binance Square! ​April 2026 tercatat sebagai salah satu bulan paling kelam dalam sejarah keamanan aset digital. Data terbaru menunjukkan lonjakan eksploitasi yang sangat mengkhawatirkan, memberikan peringatan keras bagi kita semua bahwa ekosistem kripto masih menjadi medan pertempuran siber yang sangat aktif. ​Statistik Mengerikan: Lonjakan 1.140% ​Bulan April lalu mencatatkan rekor buruk dengan total 40 eksploitasi besar yang melanda berbagai protokol. Total kerugian mencapai angka fantastis: US$646,89 juta. ​Jika kita bandingkan dengan bulan sebelumnya, angka ini menunjukkan lonjakan kerugian sebesar 1.140%. Peningkatan drastis ini mengindikasikan bahwa para peretas kini menggunakan metode yang jauh lebih canggih dan agresif untuk menguras dana dari protokol-protokol besar. ​Dua korban terbesar dalam gelombang serangan ini adalah: ​Kelp DAO: Mengalami kerugian sebesar US$292 juta.​Drift Protocol: Kehilangan dana mencapai US$285 juta. ​Dominasi Lazarus Group: Kualitas di Atas Kuantitas ​Laporan keamanan siber 2026 menegaskan kembali dominasi kelompok peretas asal Korea Utara, khususnya Lazarus Group dan afiliasinya. Meskipun jumlah serangan yang mereka luncurkan tidak terlalu banyak secara frekuensi, dampak yang dihasilkan sangat menghancurkan. ​Kelompok ini bertanggung jawab atas 76% dari total kerugian siber di sektor kripto sepanjang tahun 2026. Target utama mereka tetap konsisten: Protokol DeFi: Mencari celah pada logika smart contract.​Platform Lintas Rantai (Cross-chain Bridges): Mengeksploitasi kerentanan saat aset berpindah antar jaringan. ​Pelajaran Penting Bagi Investor ​Melihat fakta bahwa kelompok peretas profesional sekelas Lazarus kini mendominasi pasar, keamanan aset tidak bisa lagi dianggap remeh. Pertumbuhan portofolio kita tidak akan berarti apa-apa jika fondasi keamanannya rapuh. ​Sebagai langkah antisipasi, pastikan Anda: Melakukan Audit Mandiri: Selalu cek hasil audit protokol DeFi sebelum melakukan staking atau penyediaan likuiditas dalam jumlah besar.​Gunakan Cold Storage: Untuk investasi jangka panjang (target 2031), pastikan aset Anda berada di hardware wallet yang terputus dari koneksi internet.​Batasi Izin Smart Contract: Secara rutin cabut izin (revoke) kontrak yang sudah tidak Anda gunakan lagi. ​Kesimpulan: Keamanan adalah bagian integral dari investasi. Di tengah lonjakan serangan siber ini, jadilah investor yang tidak hanya pintar mencari cuan, tapi juga cerdik dalam menjaga aset. ​Bagaimana strategi keamanan Anda saat ini? Apakah Anda merasa protokol DeFi tempat Anda menyimpan aset sudah cukup aman? Mari berdiskusi di kolom komentar! ​#CryptoSecurity #LazarusGroup #Write2Earn #BinanceSquareIndonesia #CyberAttack2026 $PEPE {spot}(PEPEUSDT) $BTTC {spot}(BTTCUSDT)

Waspada! Serangan Siber Kripto April 2026 Melonjak 1.140%: Ancaman Nyata Kelompok Lazarus

Halo, Warga Binance Square!
​April 2026 tercatat sebagai salah satu bulan paling kelam dalam sejarah keamanan aset digital. Data terbaru menunjukkan lonjakan eksploitasi yang sangat mengkhawatirkan, memberikan peringatan keras bagi kita semua bahwa ekosistem kripto masih menjadi medan pertempuran siber yang sangat aktif.
​Statistik Mengerikan: Lonjakan 1.140%
​Bulan April lalu mencatatkan rekor buruk dengan total 40 eksploitasi besar yang melanda berbagai protokol. Total kerugian mencapai angka fantastis: US$646,89 juta.
​Jika kita bandingkan dengan bulan sebelumnya, angka ini menunjukkan lonjakan kerugian sebesar 1.140%. Peningkatan drastis ini mengindikasikan bahwa para peretas kini menggunakan metode yang jauh lebih canggih dan agresif untuk menguras dana dari protokol-protokol besar.
​Dua korban terbesar dalam gelombang serangan ini adalah:
​Kelp DAO: Mengalami kerugian sebesar US$292 juta.​Drift Protocol: Kehilangan dana mencapai US$285 juta.
​Dominasi Lazarus Group: Kualitas di Atas Kuantitas
​Laporan keamanan siber 2026 menegaskan kembali dominasi kelompok peretas asal Korea Utara, khususnya Lazarus Group dan afiliasinya. Meskipun jumlah serangan yang mereka luncurkan tidak terlalu banyak secara frekuensi, dampak yang dihasilkan sangat menghancurkan.
​Kelompok ini bertanggung jawab atas 76% dari total kerugian siber di sektor kripto sepanjang tahun 2026. Target utama mereka tetap konsisten:
Protokol DeFi: Mencari celah pada logika smart contract.​Platform Lintas Rantai (Cross-chain Bridges): Mengeksploitasi kerentanan saat aset berpindah antar jaringan.
​Pelajaran Penting Bagi Investor
​Melihat fakta bahwa kelompok peretas profesional sekelas Lazarus kini mendominasi pasar, keamanan aset tidak bisa lagi dianggap remeh. Pertumbuhan portofolio kita tidak akan berarti apa-apa jika fondasi keamanannya rapuh.
​Sebagai langkah antisipasi, pastikan Anda:
Melakukan Audit Mandiri: Selalu cek hasil audit protokol DeFi sebelum melakukan staking atau penyediaan likuiditas dalam jumlah besar.​Gunakan Cold Storage: Untuk investasi jangka panjang (target 2031), pastikan aset Anda berada di hardware wallet yang terputus dari koneksi internet.​Batasi Izin Smart Contract: Secara rutin cabut izin (revoke) kontrak yang sudah tidak Anda gunakan lagi.
​Kesimpulan:
Keamanan adalah bagian integral dari investasi. Di tengah lonjakan serangan siber ini, jadilah investor yang tidak hanya pintar mencari cuan, tapi juga cerdik dalam menjaga aset.
​Bagaimana strategi keamanan Anda saat ini? Apakah Anda merasa protokol DeFi tempat Anda menyimpan aset sudah cukup aman? Mari berdiskusi di kolom komentar!
#CryptoSecurity #LazarusGroup #Write2Earn #BinanceSquareIndonesia #CyberAttack2026
$PEPE
$BTTC
PEPE-1,26%
BTTC-3,70%
270
ThingsToKnow
·
--
Artículo
🚨 BREAKING: NORTH KOREA JUST STOLE $577M FROM DEFI IN 18 DAYS — AND NOBODY IS TALKING ABOUT......April 23, 2026 The numbers are in. They are catastrophic. Crypto protocols have lost over $606 million to hacks and exploits in just the first 18 days of April 2026 making it the single worst month for theft in the industry since the $1.4 billion Bybit breach in February 2025. Two attacks. Two names. Both point to the same culprit. 🔴 WHAT HAPPENED The $285 million Drift Protocol attack on April 1st, and the $292 million KelpDAO breach on April 18th both later attributed to North Korea’s Lazarus Group together represent roughly 95% of April’s losses. This wasn’t random. This was surgical. Following the KelpDAO exploit alone, DeFi’s total value locked fell over 7% in 24 hours. Aave dropped from $26.4 billion to near $17.9 billion. Billions. Gone. Overnight. 🔥 WHY IT MATTERS This isn’t just a bad month. The entire first quarter of 2026 saw just $165.5 million in losses. April’s total arrived in under three weeks making the month 3.7× larger than all of Q1 combined. The pace is accelerating dangerously. DeFi recorded 47 separate incidents in the first 4.5 months of 2026, compared with 28 over the same period in 2025 a 68% year-over-year increase in attack frequency. 📉 MARKET REACTION Panic. Institutional players are not waiting around. Institutional players responded with emergency rate limits and frozen bridge flows, while Jefferies warned the string of hacks could temporarily slow Wall Street’s appetite for DeFi tokenization projects. $BTC is holding. Alts are bleeding. Risk-off mode is fully activated. ⚠️ MOST PEOPLE ARE MISSING THIS DETAIL… Everyone is focused on the dollar amounts. But the real story is HOW they’re getting in. April’s exploits cut across smart contract vulnerabilities, infrastructure attacks, AND social engineering campaigns including AI-driven attacks on wallets. The old playbook of “just get your code audited” is dead. Lazarus Group is now deploying AI to target individuals. Your wallet. Your team. Your infra. As one analyst put it bluntly: “DeFi remains a niche market until risk can be properly priced and right now, we’re far from it.” 🔮 WHAT HAPPENS NEXT If even one more mid-size exploit hits before April 30th, the month’s total could approach $700 million. The Clarity Act which could bring regulatory structure to protect DeFi looks like a lost cause for April, with a potential Senate committee hearing pushed into May at the earliest. Meanwhile, the attackers are not slowing down. The question isn’t whether your protocol will be targeted. It’s whether you’ll still be solvent when it is. 🔒 #defi #KelpDAO #LazarusGroup #CryptoSecurity #BinanceSquare

🚨 BREAKING: NORTH KOREA JUST STOLE $577M FROM DEFI IN 18 DAYS — AND NOBODY IS TALKING ABOUT......

April 23, 2026
The numbers are in. They are catastrophic.
Crypto protocols have lost over $606 million to hacks and exploits in just the first 18 days of April 2026 making it the single worst month for theft in the industry since the $1.4 billion Bybit breach in February 2025.
Two attacks. Two names. Both point to the same culprit.

🔴 WHAT HAPPENED
The $285 million Drift Protocol attack on April 1st, and the $292 million KelpDAO breach on April 18th both later attributed to North Korea’s Lazarus Group together represent roughly 95% of April’s losses.
This wasn’t random. This was surgical.
Following the KelpDAO exploit alone, DeFi’s total value locked fell over 7% in 24 hours. Aave dropped from $26.4 billion to near $17.9 billion. Billions. Gone. Overnight.

🔥 WHY IT MATTERS
This isn’t just a bad month. The entire first quarter of 2026 saw just $165.5 million in losses. April’s total arrived in under three weeks making the month 3.7× larger than all of Q1 combined.
The pace is accelerating dangerously. DeFi recorded 47 separate incidents in the first 4.5 months of 2026, compared with 28 over the same period in 2025 a 68% year-over-year increase in attack frequency.

📉 MARKET REACTION
Panic. Institutional players are not waiting around. Institutional players responded with emergency rate limits and frozen bridge flows, while Jefferies warned the string of hacks could temporarily slow Wall Street’s appetite for DeFi tokenization projects.
$BTC is holding. Alts are bleeding. Risk-off mode is fully activated.

⚠️ MOST PEOPLE ARE MISSING THIS DETAIL…
Everyone is focused on the dollar amounts. But the real story is HOW they’re getting in.
April’s exploits cut across smart contract vulnerabilities, infrastructure attacks, AND social engineering campaigns including AI-driven attacks on wallets. The old playbook of “just get your code audited” is dead.
Lazarus Group is now deploying AI to target individuals. Your wallet. Your team. Your infra.
As one analyst put it bluntly: “DeFi remains a niche market until risk can be properly priced and right now, we’re far from it.”

🔮 WHAT HAPPENS NEXT
If even one more mid-size exploit hits before April 30th, the month’s total could approach $700 million.
The Clarity Act which could bring regulatory structure to protect DeFi looks like a lost cause for April, with a potential Senate committee hearing pushed into May at the earliest.
Meanwhile, the attackers are not slowing down.

The question isn’t whether your protocol will be targeted.
It’s whether you’ll still be solvent when it is. 🔒
#defi #KelpDAO #LazarusGroup #CryptoSecurity #BinanceSquare
BTC-0,66%
145
txhao
·
--
Artículo
The US Just Seized Nearly $500 Million in Iranian Crypto. North Korea's Lazarus Group Is Behind 76%Two law enforcement actions dropped this week that, combined, reveal something important about where crypto sits in the global geopolitical order. This is no longer a story about financial fraud. This is state-level warfare being conducted through digital assets.The US seized nearly $500 million in Iranian crypto.The US says it seized nearly $500 million in Iranian crypto assets. This is part of the broader financial campaign against Iran running parallel to the Strait of Hormuz conflict. The IRGC and affiliated entities have been using crypto — Bitcoin, USDT, and Ethereum — to route payments outside the SWIFT system, pay for imports under sanctions, and compensate assets in ways that traditional financial monitoring can't easily track. CointelegraphThe seizure happened simultaneously with an FBI-led global operation that arrested 276 suspects in pig butchering schemes — an FBI-led global enforcement effort targeting crypto pig butchering schemes led to the arrest of 276 suspects. Pig butchering is the social engineering scam where targets are cultivated over weeks or months through fake romantic relationships before being manipulated into depositing crypto into fraudulent investment platforms. CointelegraphNorth Korea's Lazarus Group: 76% of all 2026 losses, $6B stolen since 2017.The security intelligence research firm said North Korean state-backed hackers account for 76% of all crypto scam and hack losses in 2026 and have stolen $6 billion since 2017. New reporting this week on the Drift Protocol hack revealed the full scope of how Lazarus operates. The long con: North Korean spies spent months in-person to drain $285 million from Drift — the security intelligence research firm detailed how North Korean state-backed hackers infiltrated Drift through months of preparation, including suspected physical presence of operatives near the company's operations, before executing the exploit on April 1. Months of in-person preparation. This isn't a lone hacker running code from a basement. This is a structured, state-funded operation with the same discipline as any military intelligence unit — because that's exactly what it is. North Korea funds a significant portion of its weapons programs through crypto theft. The $577 million stolen in 2026 is not a side project. It's a strategic revenue source. PowerDrillPowerDrillThe picture this paints of crypto's global status in 2026: Iran uses crypto to evade sanctions. The US uses blockchain forensics to trace and seize those assets. North Korea steals crypto at industrial scale to fund its military. South Korea's FISA is monitoring DeFi protocols for state-linked wallets.Bitcoin was designed to be censorship-resistant and permissionless. What nobody anticipated when Satoshi wrote the whitepaper was that "permissionless" would eventually mean "accessible to every actor on earth" — including the ones building nuclear weapons and circumventing global financial sanctions.This doesn't change the fundamental value of decentralized money. But it changes how we need to think about the security, regulation, and geopolitical context of the ecosystem we're all participating in. #Bitcoin #LazarusGroup #CryptoSecurity #NorthKorea #IranSanctions

The US Just Seized Nearly $500 Million in Iranian Crypto. North Korea's Lazarus Group Is Behind 76%

Two law enforcement actions dropped this week that, combined, reveal something important about where crypto sits in the global geopolitical order. This is no longer a story about financial fraud. This is state-level warfare being conducted through digital assets.The US seized nearly $500 million in Iranian crypto.The US says it seized nearly $500 million in Iranian crypto assets. This is part of the broader financial campaign against Iran running parallel to the Strait of Hormuz conflict. The IRGC and affiliated entities have been using crypto — Bitcoin, USDT, and Ethereum — to route payments outside the SWIFT system, pay for imports under sanctions, and compensate assets in ways that traditional financial monitoring can't easily track. CointelegraphThe seizure happened simultaneously with an FBI-led global operation that arrested 276 suspects in pig butchering schemes — an FBI-led global enforcement effort targeting crypto pig butchering schemes led to the arrest of 276 suspects. Pig butchering is the social engineering scam where targets are cultivated over weeks or months through fake romantic relationships before being manipulated into depositing crypto into fraudulent investment platforms. CointelegraphNorth Korea's Lazarus Group: 76% of all 2026 losses, $6B stolen since 2017.The security intelligence research firm said North Korean state-backed hackers account for 76% of all crypto scam and hack losses in 2026 and have stolen $6 billion since 2017.
New reporting this week on the Drift Protocol hack revealed the full scope of how Lazarus operates. The long con: North Korean spies spent months in-person to drain $285 million from Drift — the security intelligence research firm detailed how North Korean state-backed hackers infiltrated Drift through months of preparation, including suspected physical presence of operatives near the company's operations, before executing the exploit on April 1.
Months of in-person preparation. This isn't a lone hacker running code from a basement. This is a structured, state-funded operation with the same discipline as any military intelligence unit — because that's exactly what it is. North Korea funds a significant portion of its weapons programs through crypto theft. The $577 million stolen in 2026 is not a side project. It's a strategic revenue source. PowerDrillPowerDrillThe picture this paints of crypto's global status in 2026: Iran uses crypto to evade sanctions. The US uses blockchain forensics to trace and seize those assets. North Korea steals crypto at industrial scale to fund its military. South Korea's FISA is monitoring DeFi protocols for state-linked wallets.Bitcoin was designed to be censorship-resistant and permissionless. What nobody anticipated when Satoshi wrote the whitepaper was that "permissionless" would eventually mean "accessible to every actor on earth" — including the ones building nuclear weapons and circumventing global financial sanctions.This doesn't change the fundamental value of decentralized money. But it changes how we need to think about the security, regulation, and geopolitical context of the ecosystem we're all participating in.
#Bitcoin #LazarusGroup #CryptoSecurity #NorthKorea #IranSanctions
BTC-0,66%
ETH+0,20%
53
Inicia sesión para explorar más contenidos
Únete a usuarios globales de criptomonedas en Binance Square
⚡️ Obtén información útil y actualizada sobre criptos.
💬 Avalado por el mayor exchange de criptomonedas en el mundo.
👍 Descubre perspectivas reales de creadores verificados.
Email/número de teléfono

Temas populares

1
#PBOCSetsOvernightLiquidityRateBelowForecasts
0 vistas
17 están debatiendo
2
#ChinaBlacklists40MoreJapanEntities
3,069 vistas
81 están debatiendo
3
#USIranAgreeToHaltAttacks
3,075 vistas
72 están debatiendo
4
#KoreaKOSDAQRulesRiskCryptoTreasuryFirmDelisting
7,303 vistas
152 están debatiendo
5
#SaylorHintsStrategyBitcoinBuy
1.2M vistas
6,654 están debatiendo
6
#USFuturesRise
3,603 vistas
114 están debatiendo
7
#OilJumps
1,698 vistas
84 están debatiendo
8
#OilPriceRises
5,098 vistas
119 están debatiendo
9
#BitcoinSpotETFs$1.79BWeeklyOutflow
678 vistas
20 están debatiendo
10
#BISSaysStablecoinsFallShortOfMoneyStandards
780 vistas
33 están debatiendo
Mapa del sitio
Términos y condiciones de la plataforma
Preferencias de cookies