Crypto risk management and infrastructure provider Chaos Labs said its Chaos Oracle Network, which provides data feeds to blockchain applications, was not compromised after a hacking attempt over the weekend by a potential “nation-state.”
Chaos Labs founder Omer Goldberg said in an X post Thursday that the company identified an attack over the weekend, possibly by a “nation state,” and immediately moved to a full lockdown.
“The surface area was strictly contained to operational wallets we use for routine onchain operations. At no point was the Chaos Oracle Network breached or compromised.”
“Chaos Oracles run in a fully isolated environment with nodes distributed globally, protected by layered security and cryptographic controls,” Goldberg said.
“The authorities and cyber professionals working with us have characterized the activity as consistent with nation-state attacks, he said. “The investigation continues, and we will share more as it allows.”
State-backed hacker groups, particularly those from North Korea, have been seen as a persistent threat to the crypto space.
North Korea-affiliated actors have been accused of stealing at least $578 million across several major incidents in April and have been linked to many of the industry’s largest hacks. North Korea recently rejected claims linking it to global cybercrime, calling the allegations unfounded.
Goldberg said that Chaos Labs has rotated all keys since the attempted attack and said there hasn’t been any further suspicious activity.
Source: Omer Goldberg
Recent industry exploits prompted “highest severity” response
The April Kelp DAO hack has been one of the year’s largest security incidents, causing broader ecosystem contagion and impacting the interconnected crypto lending market.
Drift Protocol, a decentralized cryptocurrency exchange, and at least a dozen other crypto entities were hacked in the same month.
Goldberg said against the backdrop of recent exploits, Chaos Labs triggered its “highest-severity incident response” after detecting the attempted hack.
“We allocate a substantial share of our operating budget to cyber defense, alerting, and detection,” he added.
Several crypto firms shift to Chainlink
Borrowing platform Tydro said it is migrating to the Chainlink oracle platform following the attack on Chaos Labs, adding to the list of crypto firms that have made the switch in recent weeks.
Related: Chaos Labs taps out as Aave’s risk provider, decision ‘not made in haste’
DeFi protocol Kelp DAO is migrating its restaking token rsETH to the Chainlink Oracle platform following the April exploit. It continues to blame the attack on LayerZero’s cross-chain infrastructure, which LayerZero has disputed.
Decentralized finance platform Solv Protocol has also flagged plans to migrate its cross-chain infrastructure from LayerZero to Chainlink in “light of recent industry events.”
Magazine: Guide to the top and emerging global crypto hubs — Mid-2026
