North Korean hackers blamed for $290M crypto theft

William K⚡Santiago🔑☢️

npub1h3fzzzeq60acjvnyvw34rpn5clkaueteffmkt3ln4ygekg9lcm0qhw96sj

hex

604fb553b6fdf46aca9756f18d266d712afd1b19dab3cffcd3319318666296e0

nevent

nevent1qqsxqna42wm0mar2e2t4duvdyekhz2harvva4v70lnfnryccve3fdcqprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgstc53ppvsd87ufxfjx8g63se6v0mw7v4u55am9cle6jyvmyzludhsw0j44z

Kind-1 (TextNote)

2026-04-25T15:00:36Z

North Korean hackers blamed for $290M crypto theft https://techcrunch.com/2026/04/20/north-korea-hackers-blamed-for-290m-crypto-theft/

TraderTraitor spotted a flaw in Kelp’s bridge verification, fed it forged instructions that passed as legitimate, and the contract obediently moved the funds. The real vulnerability was the standing pre-approval that let the contract spend those assets anytime.

Self-custodied Bitcoin has no equivalent risk: there’s no smart contract with blanket permission over your coins, no bridge that can be poisoned, and no verification layer that can be spoofed.

Every DeFi position you open widens that attack surface.

Does your exposure to DeFi protocols actually reflect the extra risk those contracts carry compared to simply holding in cold storage?

Raw JSON

{
  "kind": 1,
  "id": "604fb553b6fdf46aca9756f18d266d712afd1b19dab3cffcd3319318666296e0",
  "pubkey": "bc52210b20d3fb89326463a3518674c7edde65794a7765c7f3a9119b20bfc6de",
  "created_at": 1777129236,
  "tags": [],
  "content": "North Korean hackers blamed for $290M crypto theft\nhttps://techcrunch.com/2026/04/20/north-korea-hackers-blamed-for-290m-crypto-theft/\n\nTraderTraitor spotted a flaw in Kelp’s bridge verification, fed it forged instructions that passed as legitimate, and the contract obediently moved the funds. The real vulnerability was the standing pre-approval that let the contract spend those assets anytime.\n\nSelf-custodied Bitcoin has no equivalent risk: there’s no smart contract with blanket permission over your coins, no bridge that can be poisoned, and no verification layer that can be spoofed.\n\nEvery DeFi position you open widens that attack surface.\n\nDoes your exposure to DeFi protocols actually reflect the extra risk those contracts carry compared to simply holding in cold storage?",
  "sig": "aadb39961089eab3e35dbf66d7f4234782b987c7a88a69a3d0d905eca5e6ce7b5a83ba92a5de4e26fb440c7f9b78ae6d4f2daf192825882162e2e1e0e1b0ee16"
}