A $290 million crypto hack on KelpDAO, likely by North Korea’s Lazarus Group, was reported on April 18. LayerZero linked the attack to Lazarus, describing the hackers as a highly sophisticated state actor. The breach exploited KelpDAO’s cross-chain rsETH configuration, causing a major loss and raising security concerns in DeFi.
Hex Trust has confirmed that its wrapped XRP (wXRP) token has zero exposure to the $292 million Kelp DAO hack that occurred over the weekend. This reassurance comes amid growing concerns about DeFi security risks, especially for wXRP on Solana, which was previously warned to face similar threats. The news highlights Hex Trust’s focus on security amid recent DeFi exploits.
A 24-year-old British national, Tyler Buchanan, pleaded guilty to wire fraud conspiracy and identity theft as a senior member of 'Scattered Spider.' He admitted involvement in phishing attacks during summer 2022, which targeted major tech firms, resulting in theft of tens of millions of dollars in cryptocurrency. Sentencing is pending, highlighting ongoing cybercrime prosecutions.
TokenPost launched ‘Token Korea Watch’ to monitor over 450 digital asset projects on South Korean exchanges amid rising DeFi risks and recent hacks. The initiative aims to improve transparency and protect investors, following a series of high-profile incidents in April that heightened concerns over undisclosed information and market manipulation. The move reflects increased efforts to enhance security in the evolving crypto landscape.
Arbitrum has frozen 30,766 ETH linked to the KelpDAO exploit as of April 2026. Following the freeze, ZachXBT reported that the attackers started transferring funds from Ethereum mainnet to Bitcoin. The move aims to prevent further asset movement and mitigate potential losses, highlighting ongoing security concerns within the DeFi ecosystem.
A fake delivery driver attempted an armed home invasion targeting a French crypto worker near Montpellier, highlighting a rise in violent "wrench attacks" in France. The incident underscores increasing risks for high-profile and doxxed crypto holders, as criminals target individuals associated with the crypto industry. The attack was thwarted, but it signals growing security concerns in the sector.
IPQS demonstrated that fraud prevention can be effective without compromising user experience by combining identity, device, and network signals. Their approach stops fraud at each customer journey stage, reducing friction while maintaining security. This integrated method enhances trust and reduces false positives, offering a balanced solution for businesses combating digital fraud.
