Arbitrum Freezes $70 Million in ETH After KelpDAO Exploit

Severity: High (Score: 72.0)

Sources: Cryptopotato, robinhood.com, Theblock.Co, Thedefiant

Summary

On April 20, 2026, Arbitrum's Security Council froze 30,766 ETH, valued at approximately $71 million, linked to the KelpDAO exploit that occurred on April 18. The exploit resulted in the loss of 116,500 rsETH tokens, totaling around $292 million, due to vulnerabilities in KelpDAO's LayerZero-powered cross-chain bridge. The attacker compromised RPC nodes to execute fraudulent cross-chain messages, leading to significant financial losses. Following the freeze, on-chain investigator ZachXBT reported that the attackers moved $1.5 million from Ethereum to Bitcoin via Thorchain. The Arbitrum intervention was coordinated with law enforcement, indicating potential regulatory scrutiny. The funds will remain frozen pending further governance decisions. KelpDAO has defended its use of a 1-of-1 verification setup, which LayerZero criticized as a single point of failure. The incident has raised concerns about the security of decentralized finance (DeFi) protocols. Key Points: • Arbitrum froze 30,766 ETH linked to a major exploit affecting KelpDAO. • The KelpDAO attack exploited vulnerabilities in a cross-chain bridge, leading to $292 million in losses. • The intervention involved law enforcement and highlights regulatory attention on DeFi security.

Key Entities

• Lazarus (apt_group)
• Lazurus Group (apt_group)
• Data Breach (attack_type)
• Arbitrum (company)
• Kelp DAO (company)
• KelpDAO (company)
• LayerZero Labs (company)
• Ethereum (company)
• Iran (country)
• Aave (platform)
• Aave V3 (platform)
• Arbitrum One (platform)
• Bitcoin (platform)
• LayerZero (platform)