North Korea’s crypto heist playbook is expanding and DeFi keeps getting hit

North Korea’s crypto heist playbook is expanding and DeFi keeps getting hit

Search/NewsVideoPricesResearchConsensus 2026Data & IndicesSponsoredSearch/enTechShareShare this articleCopy linkX iconX (Twitter)LinkedInFacebookEmailNorth Korea’s crypto heist playbook is expanding and DeFi keeps getting hitMore than $500 million was siphoned across the Drift and Kelp exploits in just over two weeks. What once looked like isolated breaches now resembles a sustained campaign, likely driven by the financial needs of a sanctioned state.By Margaux Nijkerk|Edited by Nikhilesh De Apr 20, 2026, 9:17 p.m. Make preferred on What to know: The Kelp exploit shows North Korea’s Lazarus Group is evolving beyond isolated hacks, rapidly shifting tactics from social engineering to exploiting structural weaknesses in crypto infrastructure, suggesting a sustained, state-driven campaign rather than one-off incidents. The attack did not break cryptography but exploited known design choices

Source: https://www.coindesk.com/tech/2026/04/20/north-korea-s-crypto-heist-playbook-is-expanding-and-defi-keeps-getting-hit