Lazarus Group Targets DeFi Protocols with New Smart Contract Exploit Kit

Friday, March 27, 2026 at 03:00 PM UTC·Source: Chainalysis / SlowMist

Updated: Saturday, March 28, 2026 at 10:00 AM UTC

Executive Summary

Lazarus Group deploys modular smart contract exploit toolkit targeting DeFi protocols. $200M stolen across four platforms in March.

Analysis

Chainalysis and SlowMist report that Lazarus Group has developed a modular toolkit for exploiting DeFi smart contracts, focusing on flash loan vulnerabilities, oracle manipulation, and cross-chain bridge weaknesses. Four DeFi protocols lost a combined $200M in March. The toolkit automates vulnerability scanning of deployed contracts and generates custom exploits.

Timeline

Discovered

Mar 5, 2026

Exploitation Detected

Mar 5, 2026

Published

Mar 27, 2026

Source Attribution

Originally published by Chainalysis / SlowMist on Mar 27, 2026. Verified by: Chainalysis, SlowMist, FBI.

Related Threats

HIGHData Breach

250,000 Affected by Data Breach at Nacogdoches Memorial Hospital

In January 2026, a threat actor hacked the hospital’s internal network and stole personal and health information. The post 250,000 Affected by Data Breach at Nacogdoches Memorial Hospital appeared first on SecurityWeek .

17h agoSecurityWeek

HIGHData Breach

Mercor Hit by LiteLLM Supply Chain Attack

The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor Hit by LiteLLM Supply Chain Attack appeared first on SecurityWeek .

18h agoSecurityWeek

LOWData Breach

Attack Surface Management – ein Kaufratgeber

Mit diesen Attack Surface Management Tools sorgen Sie im Idealfall dafür, dass sich Angreifer gar nicht erst verbeißen. Sergey Zaykov | shutterstock.com Regelmäßige Netzwerk-Scans reichen für eine gehärtete Angriffsfläche nicht mehr aus. Um die Sicherheit von Unternehmensressourcen und Kundendaten zu gewährleisten, ist eine kontinuierliche Überwachung auf neue Ressourcen und Konfigurationsabweichu

2d agoCSO Online