Arbitrum Security Council Freezes $70.9M in ETH Linked to KelpDAO Exploit
Arbitrum said its Security Council executed an emergency measure to secure funds connected to the KelpDAO exploit, after locating 30,766 ETH on Arbitrum One in a wallet associated with the attacker. The network said user activity was not disrupted.
According to Arbitrum, the council coordinated with law enforcement on the exploiter's identity and prioritized maintaining network integrity. Following technical analysis and internal deliberations, it used a procedure to isolate and move the assets without changing any other chain state or impacting users. The ETH was transferred to an intermediary wallet, effectively freezing the funds and cutting off access from the original address.
Arbitrum said the transfer was completed on April 20 at 11:26 pm ET. Any additional movement of the assets will require governance-level decisions in coordination with relevant stakeholders.
Ahead of the intervention, Onchain Labs reported the exploiter appeared to have burned 30,766 ETH on Arbitrum, valued at about $70.94 million.
The episode stems from the April 18 KelpDAO exploit, which resulted in the loss of roughly 116,500 rsETH tokens worth around $292 million, marking one of the largest DeFi breaches this year. Attackers targeted KelpDAO's cross-chain bridge built on LayerZero Labs' infrastructure.
LayerZero said the attacker accessed parts of its decentralized verifier network (DVN) by compromising RPC nodes and disrupting normal operations, enabling a fraudulent cross-chain message to be approved and executed. LayerZero attributed the size of the loss to KelpDAO's use of a 1-of-1 verification setup that lacked independent validation.
KelpDAO disputed that criticism, saying: "The 1of1 DVN setup is the configuration documented in LayerZero's documentation and shipped as the default for any new OFT deployment. Kelp has operated on LayerZero infrastructure since January 2024 and has maintained an open communication channel with the LayerZero team throughout. The question of DVN configuration came up during Kelp's L2 expansion, and defaults were affirmatively confirmed as appropriate at that time."
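The difference between a 1-of-1 setup and independent validation can be shown with a simplified threshold model. This is an added illustration, not LayerZero's or KelpDAO's code; the verifier names, RPC labels, messages and helper functions are all hypothetical and the data is constructed.

```python
import hashlib
from collections import Counter
from dataclasses import dataclass

def packet_hash(payload: bytes) -> str:
    return hashlib.sha256(payload).hexdigest()

GENUINE = b"constructed genuine message"
FORGED = b"constructed forged message"

# Constructed data: packet hashes each RPC endpoint reports as emitted on the
# source chain. "rpc-a" models a compromised endpoint that also reports the forgery.
RPC_VIEWS = {
    "rpc-a": {packet_hash(GENUINE), packet_hash(FORGED)},
    "rpc-b": {packet_hash(GENUINE)},
    "rpc-c": {packet_hash(GENUINE)},
}

@dataclass(frozen=True)
class Verifier:
    name: str
    rpc: str  # the endpoint this verifier relies on to read the source chain

    def attests(self, payload: bytes) -> bool:
        return packet_hash(payload) in RPC_VIEWS[self.rpc]

def check_threshold(verifiers, threshold):
    if not 1 <= threshold <= len(verifiers):
        raise ValueError("threshold must be between 1 and the number of verifiers")

def accepted(payload, verifiers, threshold) -> bool:
    """A message executes only if at least `threshold` verifiers attest to it."""
    check_threshold(verifiers, threshold)
    return sum(v.attests(payload) for v in verifiers) >= threshold

def min_sources_to_forge(verifiers, threshold) -> int:
    """Fewest RPC endpoints that must report a forged packet to reach the threshold."""
    check_threshold(verifiers, threshold)
    votes = 0
    for needed, (_, count) in enumerate(Counter(v.rpc for v in verifiers).most_common(), 1):
        votes += count
        if votes >= threshold:
            return needed

ONE_OF_ONE = [Verifier("dvn-1", "rpc-a")]
TWO_OF_THREE = [Verifier("dvn-1", "rpc-a"), Verifier("dvn-2", "rpc-b"), Verifier("dvn-3", "rpc-c")]
# Three verifiers on paper, but two of them read the chain through the same endpoint.
SHARED_RPC = [Verifier("dvn-1", "rpc-a"), Verifier("dvn-2", "rpc-a"), Verifier("dvn-3", "rpc-c")]
```

The `SHARED_RPC` case shows why the verifier count alone is not the number to audit: a 2-of-3 quorum whose members share one data source tolerates no more faults than 1-of-1.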
The fallout extended beyond the bridge as a significant share of the stolen assets flowed into lending markets. On Aave V3, for example, the attacker deposited rsETH as collateral and borrowed large amounts of wrapped ETH. Those positions carried low health factors, raising concerns about potential bad debt within the protocol.