Wednesday 22 April 2026 · Melbourne

Lazarus Group Pulls Off $290M KelpDAO Heist in Sophisticated Infrastructure Attack

North Korea's Lazarus Group steals $290M from KelpDAO, a Scattered Spider ringleader pleads guilty, and Anthropic's new cyber model is already sparking a CEO spat.

Lead story

North Korea's Lazarus Group is suspected of pulling off one of the year's biggest crypto heists — a $290 million theft from the KelpDAO decentralised finance platform — and the method used is worth paying close attention to. This wasn't a simple smart contract exploit or a phishing link. The attackers went after LayerZero's Decentralised Verifier Network (DVN), the cross-chain messaging infrastructure that KelpDAO relied on to move assets between blockchains.

Here's how it worked. LayerZero's DVN uses multiple independent nodes to verify cross-chain transactions. The attackers reportedly compromised certain RPC (remote procedure call) endpoints — essentially the communication channels those nodes depend on — and simultaneously launched DDoS attacks against others. The chaos triggered automatic failover mechanisms, routing traffic to infrastructure the attackers had already poisoned. With control of enough verification nodes, they could approve fraudulent transactions. The bridge between chains became the weapon.

This is a meaningful escalation in technique. Most DeFi hacks target the smart contracts sitting on top of infrastructure. Attacking the verification layer underneath is harder, stealthier, and far more damaging — because if you control the referee, you control the game. Lazarus has been steadily climbing this learning curve, and the $1.5 billion Bybit theft earlier this year showed they're willing to invest serious operational effort into each attack.

The attribution to Lazarus carries its own weight. North Korea is estimated to have stolen somewhere north of $3 billion in crypto since 2017, with much of it funding the regime's weapons programmes. The US Treasury, the UN, and multiple blockchain intelligence firms have tracked the money trails. The KelpDAO funds are already moving through mixers and cross-chain bridges in the patterns analysts have come to recognise as Lazarus tradecraft.

What this means for DeFi builders and users. Cross-chain bridges remain the single most dangerous piece of infrastructure in the ecosystem. The security model for most bridges assumes that the verification layer is trustworthy — but that assumption is only as good as the security posture of every RPC provider in the network. A DDoS-triggered failover to malicious infrastructure is an attack vector that almost no bridge has explicitly designed against.

For users, the risk calculus hasn't changed: assets sitting in cross-chain bridge contracts are targets, and the bigger the bridge, the bigger the prize. For builders, the KelpDAO incident is an argument for redundant RPC sources, explicit failover security policies, and circuit breakers that halt high-value transfers when the verification network degrades rather than rerouting to backup nodes.
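To make the failover point concrete, here is an added toy model (not LayerZero's, KelpDAO's, or any bridge's actual code) of a verifier quorum under two policies: naive reroute-to-backup versus a circuit breaker that halts high-value transfers once the pinned verifier set degrades. The node names, quorum size, value threshold and degradation threshold are all constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Verifier:
    name: str
    reachable: bool   # False models an RPC endpoint that is down or being DDoSed


# Constructed samples (assumption, not a real DVN topology): an operator-pinned
# verifier set and a pool of runtime-discovered backups. Backups are exactly the
# nodes an attacker who has poisoned failover infrastructure would control.
PINNED = [Verifier("dvn-a", True), Verifier("dvn-b", True), Verifier("dvn-c", False),
          Verifier("dvn-d", False), Verifier("dvn-e", False)]   # 3 of 5 down
MILD = [Verifier("dvn-a", True), Verifier("dvn-b", True), Verifier("dvn-c", False)]
BACKUPS = [Verifier("backup-1", True), Verifier("backup-2", True)]
QUORUM = 3   # approvals needed before a cross-chain message is accepted


def reroute_failover(pinned, backups, quorum):
    """Naive policy: fill the quorum from backups whenever pinned nodes drop out."""
    live = [v for v in pinned if v.reachable]
    fill = [b for b in backups if b.reachable][:max(quorum - len(live), 0)]
    chosen = live + fill
    return ("approve" if len(chosen) >= quorum else "halt"), [v.name for v in chosen]


def circuit_breaker(pinned, backups, quorum, transfer_value,
                    high_value=1_000_000, max_unreachable=1):
    """Halt rather than reroute when the pinned verifier set degrades.

    1. More than max_unreachable pinned nodes down: treat the network as under
       attack and halt every transfer (a DDoS-induced failover looks like this).
    2. Quorum met by pinned nodes alone: approve.
    3. Quorum short but degradation mild: only transfers below high_value may
       borrow backups; high-value transfers wait for the pinned set to recover.
    """
    live = [v for v in pinned if v.reachable]
    names = [v.name for v in live]
    if len(pinned) - len(live) > max_unreachable:
        return "halt", names
    if len(live) >= quorum:
        return "approve", names
    if transfer_value >= high_value:
        return "halt", names
    return reroute_failover(pinned, backups, quorum)


if __name__ == "__main__":
    print("reroute, heavy outage:", reroute_failover(PINNED, BACKUPS, QUORUM))
    print("breaker, heavy outage:", circuit_breaker(PINNED, BACKUPS, QUORUM, 5_000_000))
    print("breaker, mild outage, low value:", circuit_breaker(MILD, BACKUPS, QUORUM, 10))
```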

What to watch. Blockchain intelligence firms are already tagging the wallets associated with this heist. The speed at which Lazarus can launder funds has improved — expect to see mixer and bridge activity in the coming days as they attempt to fragment and move the money before exchanges can blacklist the addresses. Realistically, recovery of any of it is unlikely.

Also today

Google Patches Prompt Injection RCE in Antigravity AI Agent

A now-patched vulnerability in Google's Antigravity agentic IDE could have allowed attackers to escape the product's sandbox and achieve arbitrary code execution on a host system. The flaw combined Antigravity's permitted file-creation capabilities with insufficient input sanitisation in its native file-search tool, effectively bypassing the product's strictest security setting. Researchers from Pillar Security found the issue and disclosed it to Google. The bug is a textbook illustration of why agentic AI tools — which operate with real system permissions — need to be held to a much higher security bar than a regular chatbot.

CyberScoop

Mozilla Used Anthropic's Mythos to Find 271 Firefox Bugs

Mozilla's Firefox security team ran Anthropic's new cybersecurity-focused model, Mythos, against the browser's codebase and came back with 271 bugs — a result that's impressive on volume but comes with caveats. The team noted that Mythos is good at finding vulnerabilities but can't yet tell you how severe they are, how to prioritise remediation, or what the downstream impact might be. The disclosure lands in the middle of a public spat between OpenAI CEO Sam Altman — who called Mythos "fear-based marketing" — and Anthropic, whose model is clearly capable enough to ruffle some feathers at a competitor.

WIRED Security

Anthropic Takes $5B From Amazon — and Promises $100B Back

Amazon has invested another $5 billion into Anthropic, with the AI lab agreeing to spend $100 billion on AWS infrastructure in return. The deal also locks in 5 gigawatts of Amazon's custom Trainium and Inferentia silicon as Claude usage climbs. It's the latest in a series of circular arrangements that define the current AI investment landscape — the money goes in, then flows right back out as compute spend. Anthropic's growing enterprise traction, including the Mythos cybersecurity model and the Codex partnership OpenAI announced the same day, is making the AWS bet look increasingly strategic rather than purely financial.

Ars Technica

26 Fake Crypto Wallet Apps Slipped Into China's App Store

Researchers have found 26 malicious apps in Apple's Chinese App Store impersonating well-known cryptocurrency wallets including MetaMask, Coinbase, Trust Wallet, and OneKey. The apps were designed to harvest wallet recovery phrases and private keys, handing attackers full control of victims' funds. Apple's App Store review process is widely considered more rigorous than that of Android's more open ecosystem, making the successful infiltration notable. The campaign is another reminder that the trust users place in curated app stores is not unconditional — and that crypto wallet users should only ever install apps via verified links from the official project website.

SecurityWeek

BRIDGE:BREAK: 22 Flaws in Serial-to-IP Converters Expose 20,000 Devices

Forescout's Vedere Labs has disclosed 22 vulnerabilities across popular Lantronix and Silex serial-to-Ethernet converter models, collectively dubbed BRIDGE:BREAK. Around 20,000 of these devices are publicly exposed online. Serial-to-IP converters are the unglamorous glue of industrial and building automation environments — they let legacy serial devices like sensors, meters, and access control panels talk over modern IP networks. Successful exploitation could allow an attacker to hijack the device, intercept data flowing through it, or use it as a beachhead into operational technology networks. Patches are available; exposure is the problem.

The Hacker News

AES-128 Is Fine for Post-Quantum — Stop Upsizing Unnecessarily

A detailed writeup from Ars Technica pushes back on the persistent belief that AES-128 needs to be replaced with AES-256 to survive a quantum computing threat. The argument for upsizing rests on Grover's algorithm, which can theoretically halve the effective key length of a symmetric cipher on a quantum computer — reducing AES-128 to an equivalent of 64-bit security. But the actual compute cost of running Grover's on AES-128 at any meaningful scale remains astronomically high, and the real post-quantum urgency sits with asymmetric algorithms like RSA and elliptic curve cryptography. Misplaced alarm is distracting teams from the upgrades that actually matter.

Ars Technica

Tim Cook Steps Down After 15 Years; John Ternus Takes Over Apple

Tim Cook has stepped down as Apple CEO after 15 years running the world's most valuable company, with hardware chief John Ternus confirmed as his successor. Cook inherited a visionary product company and turned it into a $4 trillion operational machine — Apple Silicon, the services flywheel, and a supply chain that became its own competitive moat. Ternus, who led the teams behind Apple Silicon and the iPhone's recent hardware evolution, takes charge at a genuinely difficult moment: the Vision Pro's rocky reception, intensifying AI competition, and ongoing antitrust scrutiny in both the US and EU make this a considerably thornier starting position than Cook inherited.

TechCrunch

UK Regulator Opens Investigation Into Telegram Over Child Safety

Ofcom has launched a formal investigation into Telegram over evidence provided by the Canadian Centre for Child Protection suggesting the platform is being used to share child sexual abuse material. Telegram and several teen-oriented chat platforms are named in the probe. This is Ofcom's first major test of the UK's Online Safety Act enforcement powers against an end-to-end encrypted messaging platform — and the outcome could set a precedent for how regulators approach encryption and content moderation across the industry. Telegram, which operates a light-touch moderation model compared to its peers, has faced similar pressure in France and Germany over the past year.

The Record