The attack relied on social engineering to compromise multisig governance and used Solana’s durable nonces to pre-sign admin transfers weeks in advance, allowing the attackers to bypass security and execute the exploit within minutes.
The attacker tricked LayerZero's cross-chain messaging layer into believing a valid instruction had arrived from another network, which triggered Kelp's bridge to release 116,500 rsETH to an attacker-controlled address. The attack is attributed to the North Korea-linked Lazarus Group.
Zrieknutie sa zodpovednosti: Obsahuje názory tretích strán. Toto nepovažujte za finančné poradenstvo. Môže zahŕňať sponzorovaný obsah.Pozrite si zmluvné podmienky.
