Kelp DAO Exploited — Lazarus Group Blamed as Aave Faces $6.2B Withdrawal Panic
Kelp DAO, a liquid restaking protocol, was exploited by attackers who drained cryptocurrency assets from its infrastructure. LayerZero attributed the attack to North Korea's Lazarus Group, citing a single-point-of-failure vulnerability. The fallout triggered a $6.2 billion withdrawal panic on Aave, one of DeFi's largest lending platforms.
A $6.2 billion liquidity crunch on Aave signals serious stress in the DeFi lending ecosystem — if withdrawals outpace available liquidity, borrowing rates spike and forced liquidations can cascade across interconnected protocols. Assets tied to liquid restaking (rsETH, weETH) and Aave's native token (AAVE) are directly exposed. Broader ETH sentiment takes a hit when restaking infrastructure — a major growth narrative this cycle — proves vulnerable.
Ongoing: Monitor Aave's on-chain liquidity ratios and utilization rates in real time via DeFiLlama. Watch for any official Kelp DAO post-mortem or recovery announcement. Track whether U.S. Treasury or OFAC issues new Lazarus Group wallet designations, which could follow within days of confirmed attribution.
Full analysis · Subscribers
The deep dive (bull case, bear case, and the data point that decides which side wins), the cause-and-effect chain behind the move, plain-English explainers for every block.
Want this for every market day?
Aggregated reads 51 sources in five languages and turns the day into plain-English cards like this one.
Educational analysis of public information — not investment advice.
← Today's brief