It is the latest such incident linked to North Korea, whose sophisticated cybercrime programme uses stolen cryptocurrency to help fund its nuclear weapons development, according to a United Nations panel.

Digital currency news site CoinDesk said the heist on the vault of online investment tool KelpDAO on Saturday was 2026’s biggest crypto exploit so far.

During the hack, two blockchain servers hosted by another crypto tech application called LayerZero were compromised, KelpDAO said Tuesday.

That allowed a cryptocurrency token linked to the major Ethereum currency to be “drained” from KelpDAO, it said.

“On April 18, 2026, KelpDAO was exploited for approximately US$290 million,” LayerZero said in a statement.

“Preliminary indicators suggest attribution to a highly-sophisticated state actor, likely DPRK’s Lazarus Group,” LayerZero said, using the initials of North Korea’s official name.

It assured users that “there is zero contagion to any other cross-chain assets or applications”.

Blockchain technology allows transactions to do away with middlemen, including governments and banks — a concept known as decentralised finance (DeFi).

“This will make it more scary for new entrants to enter the DeFi world,” said Henri Arslanian, co-founder of Nine Blocks Capital Management.

“This is clearly the job of North Korea’s Lazarus group. No other group globally has the expertise and muscle power to conduct such a hack,” he said Wednesday in a note.

A UN panel estimated in 2024 that North Korea had stolen more than US$3 billion in cryptocurrency since 2017.

Last year, the United States accused North Korea of being behind the theft of US$1.5 billion worth of digital assets, then the largest crypto heist in history.