Kelp DAO and Aave Resume Operations After $292 Million Exploit

Severity: High (Score: 76.2)

Sources: Bitget, Theblock.Co

Summary

Kelp DAO and Aave announced the resumption of rsETH operations following a $292 million exploit on April 18, attributed to North Korea's Lazarus Group. Kelp plans to refill 117,132 rsETH over two weeks and unpause withdrawals within 24 hours of the first tranche transfer. Security updates include requiring four independent validators and increasing block confirmations. Aave confirmed the completion of initial recovery steps, including burning exploiter-controlled tokens. The exploit created $190 million in bad debt for Aave, prompting a restitution initiative called DeFi United, which raised over $300 million in ETH. The Arbitrum Security Council froze $72 million of the attacker's ETH, but a restraining order delayed fund transfers. Aave filed an emergency motion to challenge the order, which allowed ETH transfers but restricted further movement until court approval. Key Points: • Kelp DAO and Aave are resuming rsETH operations after a $292 million exploit. • The attack is linked to North Korea's Lazarus Group, creating $190 million in bad debt for Aave. • A restitution initiative raised over $300 million in ETH to mitigate the impact on the DeFi sector.

Key Entities

• Lazarus Group (apt_group)
• Data Breach (attack_type)
• DeFi United (company)
• Kelp DAO (company)
• Arbitrum (company)
• Aave (platform)
• Chainlink (platform)
• Chainlink CCIP Protocol (platform)
• LayerZero (platform)
• LayerZero OFT Adapter (platform)
• North Korea (country)
• Financial (industry)