
Explore the latest emerging crypto threats and security news: the Axios npm compromise, $570M+ in stolen assets, updates on Claude's Mythos, and more.

Each month, MetaMask security guru Luker reports on the latest crypto attacks and emerging risks that you need to know about.
April 2026 was a rough month for crypto attacks. Over half a billion dollars in crypto was stolen across KelpDAO, Drift Protocol, and CoW Swap, with DPRK operatives suspected in at least two of these incidents. The Axios npm package got compromised and pushed a remote access Trojan to who knows how many developer machines. A fake Ledger app sat on the Apple App Store long enough to drain $9.5 million from 50 people. A mole infiltrated Kraken's support systems. Meanwhile, Anthropic's new Mythos model is finding zero-days faster than most red teams can file tickets. We'll dive into the details below, as well as tips for how you can stay safe in the ecosystem.
But first... 
Ahead of World Bee Day on May 20, meet Karl von Frisch, the ethologist credited with cracking the “waggle dance” code that honey bees use to communicate where to find resources and set up hives.
Axios, one of the most popular JavaScript HTTP client libraries, was compromised on npm, allowing two malicious versions ([email protected] and [email protected]) to spread a remote access Trojan (RAT). The malware was delivered by a postinstall script in [email protected], a package that the attackers published and then added as a dependency of the Axios versions they pushed. Socket identified the malware in plain-crypto-js 6 minutes after publication, and 30 minutes before the attackers added it as a dependency of axios to distribute it.

According to StepSecurity, "Its sole purpose is to execute a postinstall script that acts as a cross platform remote access trojan (RAT) dropper, targeting macOS, Windows, and Linux. The dropper contacts a live command and control server and delivers platform specific second stage payloads. After execution, the malware deletes itself and replaces its own package.json with a clean version to evade forensic detection." StepSecurity warns that anyone who installed these versions should assume their system is compromised. The tactic? Social engineering, again.

Individuals and projects should seriously consider taking advantage of the protections offered by the LavaMoat tools, available for free thanks to MetaMask: users running @lavamoat/allow-scripts were not affected. As MetaMask's Naugtur put it, "Attackers use scripts not because they're lazy, but because the victims are."
Permanently disabling install scripts everywhere and using @lavamoat/allow-scripts to run the absolutely necessary ones is enough to defeat the recent widespread attacks on the npm ecosystem. Lifecycle scripts are a great malware delivery tool because every package being installed gets to run code. If everyone permanently disabled scripts, it would force attackers to deliver their malware through means that are far less likely to run. After installation, many packages in your dependencies don't get the chance to run unless explicitly used. And to prevent these, we have other features in the LavaMoat toolbox.
When it rains, it pours, and in 2026 April showers brought post mortems. On April 18, $290 million was stolen from the DeFi project KelpDAO and once again DPRK operatives, specifically the Lazarus Group, are suspected. It was reported that lending protocols Compound, Euler, and Aave were also impacted, "with the latter announcing a freeze and blocking new deposits or borrowing using rsETH as collateral," according to Bleeping Computer.
The attack targeted only rsETH, a liquid token representing restaked ETH. Attackers took control of certain RPC nodes that the verifier relied on, supplying them with false blockchain data. At the same time, they launched DDoS attacks against legitimate RPC nodes, forcing the system to depend on the compromised nodes.

More details were released on April 20 by Kelp, who thanked SEAL 911 for their assistance. That same day, Arbitrum's Security Council announced that at the behest of law enforcement they were freezing a portion of assets that were linked to the exploit. This means $71 million worth of funds are no longer accessible to the thieves and offers a "partial recovery option, in addition to whatever else law enforcement and chain-tracing firms can claw back," according to CoinDesk. There is still a dispute between Kelp and LayerZero, which powered the bridge that was exploited, over who is at fault.
Led by Aave, several organizations later banded together to support the DeFi United relief effort and recovery plan, including Consensys, who has pledged up to 30,000 ETH in financial support.

On April 1, the Solana-based decentralized exchange Drift announced that its security council's administrative powers were hijacked by a malicious party, leading to a $280 million theft. This is yet another example of how lax security around multisignature approvals led to compromise, much like the ByBit attack last year. The attackers were able to acquire two of the three required signatures as well as take advantage of durable nonce accounts that allowed transactions to be pre-signed with delayed execution. It is suspected that the attack was carried out by a DPRK-backed advanced persistent threat (APT) group that orchestrated an elaborate social engineering campaign beginning in the fall of 2025. This months-long scheme involved operatives (who did not appear to be North Korean) posing as members of a potential partner company that even met in person on several occasions. Investigations by blockchain forensics firm Elliptic and security research group SEAL 911 support theories that the same criminals behind the October 2024 Radiant Capital hack are to blame.
Ethereum DeFi exchange CoW Swap suffered a front end attack, leading it to temporarily halt services on April 14. Friends of the fox at Blockaid were the first to identify the incident, warning users to "avoid any interactions with the dApp immediately."
In attacks such as these, threat actors are able to misdirect users to a malicious website by corrupting the DNS resolution. In this case, users were tricked into approving transfers that sent funds to the thieves instead of the intended recipients.

A full post mortem was released April 16 that estimated approximately $1.2 million in user losses. In addition to the malicious transfers, the phishing site that users were directed to "attempted wallet draining, seed phrase collection, and password theft." CoW DAO later set up a grants program to reimburse affected users.
Additional attacks in April 2026 included:
- Steakhouse Financial socially engineered DNS attack
- Rhea Finance oracle manipulation exploit hack
- Zerion wallet Zoom call scam
- ZetaChain smart contract attack

Anthropic made a splash this month when it announced a new AI model called Mythos that it deemed too dangerous to widely share, opting instead to launch an invite-only pilot among select tech companies that it's calling Project Glasswing. With the goal of revolutionizing cybersecurity, Mythos "has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser."
An earlier version of the model was able to escape its sandbox, develop an exploit, and then disclose the vulnerability in obscure but public forums. In other demonstrations of skirting safeguards, the model seemed to recognize prohibited actions it was taking and "covered its tracks."

Mythos is able to discover and leverage software vulnerabilities, automatically linking multiple exploits across popular operating systems and web browsers. Within decentralized finance, the model highlights disparities between projects that have implemented robust security protocols and those operating with weaker defenses.
The ETH Rangers program, a collaboration between the Ethereum Foundation, Secureum, The Red Guild, and Security Alliance (SEAL), recently wrapped up its six-month run. The purpose of the initiative was to "provide stipends for individuals doing public goods security work in the Ethereum ecosystem," and 17 individual and group contributors were rewarded for their efforts.
Some of the highlighted recipients included SunSec of DeFiHackLabs, the Ketman Project, Nick Bax, Guild Audits, and Palina Tolmach and the Kontrol tool.

The Solana Foundation, together with web3 security firm Asymmetric Research, announced the launch of "a new wave of security initiatives across tools, standards, and support for builders," asserting that "Solana was built for security" and "adversaries are rapidly innovating."
Central to this toolset is STRIDE—Solana Trust, Resilience and Infrastructure for DeFi Enterprises, essentially a holistic security posture auditing framework. Asymmetric Research outlined the pillars of the program:

To complement STRIDE, the foundation is also unveiling SIRN (Solana Incident Response Network), "a membership-based network of security firms and researchers" that include Asymmetric Research, OtterSec, Neodyme, Squads, and ZeroShadow. Additionally, the foundation highlighted a number of services that are free to all projects in the Solana ecosystem.
The Security Alliance's (SEAL) Radar blog published findings on an influx of various "Traffer" team campaigns in which threat actors use a combination of social engineering and malware-as-a-service (MaaS) to compromise and steal from crypto companies.
According to Radar, "Attackers show no geographic bias (targeting both the US and China) and do not focus on a specific target category. Yet, customer/client-facing employees (CFO/CEO, Business Development, Developer Relations, Media & Marketing) inadvertently become the highest-risk group due to the profile of social engineering attacks deployed. The second-highest risk group includes early-stage project owners and public figures (Journalists, Podcast owners)."

Key takeaways are listed, including the proliferation of bogus video meeting invites, malicious documents, impersonations of prominent figures, stolen social media accounts, and dummy company websites. While these tactics often have the hallmarks of DPRK involvement, this collection of campaigns is believed to be Russian in origin. The article is thorough and includes attributions, indicators of compromise (IOCs), recommendations for staying safe, and many screenshots.

A fraudulent Ledger Live application that appeared on Apple's official App Store resulted in the theft of $9.5 million in crypto from more than 50 victims between April 7 and April 13. Blockchain investigator ZachXBT documented the incident, which affected users across multiple networks including Bitcoin, Ethereum, Tron, Solana, and Ripple. Apple has since removed the malicious application from its store.
The attack represents the latest in a series of impersonation apps targeting cryptocurrency users through official app stores. Just days earlier, musician Garrett Dutton lost 5.9 BTC to a similar fraudulent application. The stolen funds were laundered through more than 150 KuCoin deposit addresses connected to AudiA6, a centralized mixing service. As Ledger CTO Charles Guillemet emphasized, legitimate hardware wallet companies will never request seed phrases, and users should only download wallet software from official company websites.
- Download wallet applications from official company websites whenever possible
- Double-check the developer name and app details before downloading
- Look for verification badges and read recent reviews to spot potential red flags
- Legitimate hardware wallet companies will never ask for your complete seed phrase
- When in doubt, contact the official customer support team through verified channels before proceeding

Centralized exchange Kraken released details of an extortion attempt by a criminal group that had managed to get "inappropriate access" to internal systems that host client data through a mole in the company. The group is threatening to release this data if Kraken does not meet their demands. It is unclear what exactly the demands are, but Kraken's Nick Percoco asserted that the exchange will not pay and will not negotiate. Percoco went on to say that user funds are not at risk and systems were never breached.
This event mirrors a similar one that occurred in February 2025. In both cases, Kraken was alerted by a tip that prompted them to identify the insider threat and revoke their access. In 2025, that insider had infiltrated the customer support team. In both cases, a small number of user accounts were viewed and those users were notified. The investigation is still ongoing and Kraken believes there is enough evidence to lead to arrests.
Normally we gear these sections specifically toward how users can stay safe, but it needs to be said again that all web3 companies are targets. It's known that DPRK advanced persistent threats in particular are working overtime to infiltrate crypto-related enterprises, using fake credentials and references. Hiring teams should employ professional third parties to conduct thorough background checks, as well as look for some of the tell-tale signs of would-be malicious employees, which include:
- Unwillingness to appear on camera or use of virtual backgrounds during the interview process
- Time of day or local weather inconsistent with their stated location
- Stated background that doesn't align with demonstrated language proficiency
- Unwillingness to speak ill of dictators
- Confusion about where they live
- Inability to name local landmarks or weather without hesitation
- A "perfect" resume but inability to answer basic, real-time technical questions

Additionally, companies should establish strong access controls, create detection and response systems, and build a strong security culture. That's all she wrote this month. See you in June.
Looking for more crypto security news and emerging threats to watch out for? Head here to peruse previous editions of MetaMask's Crypto Security Reports, and get additional tips for how you can stay safe across the ecosystem.