Crypto Security Fears Rise As Chaos Labs Reveals Attempted Advanced Wallet Attack

Several crypto firms are switching oracle providers after Chaos Labs disclosed it was targeted in a sophisticated hacking attempt last weekend — one that authorities believe may have been carried out by a nation-state actor.

Firms Move To Chainlink

Borrowing platform Tydro announced it is migrating to Chainlink’s oracle infrastructure following the incident. Solv Protocol flagged similar plans, citing recent industry events as the reason for moving its cross-chain setup away from LayerZero.

Kelp DAO, still recovering from an April exploit, is also shifting its restaking token rsETH to Chainlink. The moves signal a broader loss of confidence in alternatives, even as Chaos Labs insists its core systems were never touched.

Chaos Labs founder Omer Goldberg said the attack was contained to operational wallets the company uses for routine on-chain activity. The oracle network itself — which supplies price and data feeds to blockchain applications — was not breached at any point.

Over the weekend, we identified an attack on Chaos Labs. The surface area was strictly contained to operational wallets we use for routine onchain operations. At no point was the Chaos Oracle Network breached or compromised. Chaos Oracles run in a fully isolated environment with…

— Omer Goldberg (@omeragoldberg) May 7, 2026

“Chaos Oracles run in a fully isolated environment with nodes distributed globally, protected by layered security and cryptographic controls,” Goldberg said in a post on X.

The company rotated all keys following the incident and said no suspicious activity has been detected since.

Attack Consistent With Nation-State Methods

Cyber professionals and authorities working alongside Chaos Labs told the company the methods used were consistent with nation-state attacks, according to Goldberg.

He did not name a specific country. The investigation is ongoing, and Goldberg said more details would be shared as circumstances allow.

State-backed hacking groups, particularly those linked to North Korea, have long been seen as a serious threat to crypto infrastructure.

Reports indicate North Korea-affiliated actors stole at least $578 million across several incidents in April alone. North Korea has denied involvement in global cybercrime, calling such allegations unfounded.

Goldberg said Chaos Labs triggered its highest-severity incident response immediately after detecting the attempt. The company allocates a significant portion of its operating budget to cyber defense, monitoring, and detection systems.

A Difficult Month For Crypto Security

The Chaos Labs incident comes against a backdrop of widespread attacks across the industry. The Kelp DAO hack earlier in April was among the year’s most damaging, sending ripple effects through the crypto lending market and causing Aave’s total value locked to drop by $8 billion. Drift Protocol and at least a dozen other crypto entities were also hit during the same period.

Featured image from Pixabay, chart from TradingView

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.