In a troubling development for the cryptocurrency sector, several firms are reevaluating their oracle providers after Chaos Labs revealed it had been the target of a sophisticated hacking attempt last weekend. Authorities suspect that this incident may have connections to a nation-state actor, intensifying existing fears surrounding crypto security.
Firms Move To Chainlink
In light of the recent breach, Tydro, a borrowing platform, announced its migration to Chainlink’s oracle infrastructure. Similarly, Solv Protocol has indicated plans to transition away from LayerZero for its cross-chain setup, citing the recent hacking incident as a pivotal factor in its decision-making process.
Kelp DAO, which is still recovering from an exploit that occurred in April, is also shifting its restaking token, rsETH, to Chainlink. These moves reflect a growing lack of confidence in alternative oracle solutions, despite Chaos Labs’ assurances that its core systems remained untouched during the attack.
Omer Goldberg, founder of Chaos Labs, confirmed that the attack was limited to operational wallets used for routine on-chain activities. He emphasized that the Chaos Oracle Network itself was never compromised, reassuring users of the security protocols in place.
Over the weekend, we identified an attack on Chaos Labs. The surface area was strictly contained to operational wallets we use for routine onchain operations. At no point was the Chaos Oracle Network breached or compromised. Chaos Oracles run in a fully isolated environment with…
— Omer Goldberg (@omeragoldberg) May 7, 2026
Goldberg further elaborated on the advanced security measures employed by Chaos Labs, asserting that their oracles operate in a fully isolated environment, equipped with globally distributed nodes and robust cryptographic protections. Following the incident, all security keys were rotated, and no suspicious activity has been detected since.
Attack Consistent With Nation-State Methods
Experts and cybersecurity authorities working with Chaos Labs have indicated that the tactics used in the attack are characteristic of nation-state operations. While Goldberg refrained from naming any specific country, he noted that an investigation is ongoing, with further details expected to be released as the situation develops.
State-sponsored hacking groups, particularly those linked to North Korea, have been identified as significant threats to the integrity of crypto infrastructure. Reports reveal that North Korea-affiliated actors reportedly stole at least $578 million in various incidents throughout April alone, a claim that the country has denied, labeling such allegations as unfounded.
Goldberg stated that Chaos Labs activated its highest-level incident response protocol immediately after detecting the attack. The company allocates a considerable portion of its operational budget to cybersecurity measures, including monitoring and detection systems.
A Difficult Month For Crypto Security
The incident involving Chaos Labs comes amid a broader context of increased attacks across the crypto landscape. The Kelp DAO hack earlier in April marked one of the most damaging breaches of the year, sending shockwaves through the crypto lending market and causing Aave’s total value locked to plummet by $8 billion. Additional attacks impacted Drift Protocol and numerous other crypto entities during this tumultuous period.
Featured image from Pixabay, chart from TradingView
