Arbitrum Freezes $71 Million in ETH Following Kelp DAO Exploit

Severity: High (Score: 74.0)

Sources: robinhood.com, Theblock.Co

Summary

The Arbitrum Security Council has frozen 30,766 ETH, valued at $71.1 million, from an address linked to the Kelp DAO exploit that occurred over the weekend, resulting in a loss of approximately $292 million. The exploit involved Kelp DAO, a cross-chain bridge powered by LayerZero, and preliminary investigations suggest the attack may be connected to the North Korean hacking group Lazarus. The funds will remain frozen unless Arbitrum governance approves further actions. LayerZero criticized Kelp DAO's 1-of-1 decentralized verified network configuration, which they claim created a single point of failure. Kelp DAO defended its setup, stating it was the default configuration provided by LayerZero. The incident has raised significant concerns about security vulnerabilities in cross-chain protocols. Key Points: • Arbitrum froze 30,766 ETH linked to a $292 million exploit of Kelp DAO. • The exploit is potentially connected to the Lazarus hacking group from North Korea. • LayerZero criticized Kelp DAO's security configuration, citing a single point of failure.

Key Entities

• Lazarus (apt_group)
• Data Breach (attack_type)
• Kelp DAO (company)
• Ethereum (company)
• Iran (country)
• Arbitrum One (platform)
• LayerZero (platform)