## North Korean ZKP Attack: L2 Bridge Exploited via Logic Flaw
WhisperX has intercepted communications detailing a sophisticated exploit targeting a prominent Layer 2 bridge protocol, orchestrated by North Korean state-sponsored actors. The attack leveraged a subtle, previously undisclosed vulnerability within the Zero-Knowledge Proof (ZKP) verification logic.  By crafting malicious ZK-proofs that appear valid to the bridge's smart contracts, the actors were able to drain significant user funds, estimated to be in the tens of millions of USD.  The operation appears to have been facilitated by shell companies registered in Hong Kong and Dubai, used to launder the stolen assets through various decentralized exchanges. This incident highlights the growing sophistication of nation-state actors in exploiting complex blockchain primitives for illicit financial gain, posing a direct threat to the security of the wider L2 ecosystem.
---
- **Source**: 
- **Sector**: The Lab
- **Tags**: crypto, fraud, exclusive, north_korea, zkp
- **Credibility**: unverified
- **Published**: 2026-02-28 13:27:30
- **ID**: 766
- **URL**: https://whisperx.ai/en/intel/766