The Arbitrum Security Council has frozen $70.94 million worth of ETH linked to a recent exploit. The council coordinated with law enforcement and moved 30,766 ETH from the attacker’s address to a secured intermediary wallet on April 20. This action followed the $292 million KelpDAO attack, which exploited a cross-chain bridge built on LayerZero Labs infrastructure.
The **Arbitrum** Security Council intervened to secure funds connected to the **KelpDAO** exploit. It identified 30,766 ETH, worth approximately $70.94 million, held by the attacker on **Arbitrum One**.
User activity remained unaffected during the emergency process. The council stated it had coordinated with law enforcement regarding the exploiter’s identity.
After technical analysis, the council isolated and transferred the funds without affecting other chain operations. The assets were moved to an intermediary wallet, effectively freezing them and removing the attacker’s access.
Any future movement of these funds will require governance-level decisions. Just before the intervention, Onchain Labs reported that the exploiter appeared to have burned the 30,766 ETH.
The incident originated from the KelpDAO exploit on April 18, resulting in a loss of about 116,500 rsETH tokens worth around $292 million. It was one of the largest DeFi breaches this year.
The attackers targeted KelpDAO’s cross-chain bridge built on LayerZero Labs infrastructure. According to LayerZero, the attacker compromised RPC nodes to disrupt operations and approve a fraudulent cross-chain message.
LayerZero attributed the breach’s scale to KelpDAO’s use of a 1-of-1 verification setup. KelpDAO responded, stating, “The 1-of-1 DVN setup is the configuration documented in LayerZero’s documentation and shipped as the default for any new OFT deployment.”
The impact extended as stolen assets were deposited into lending protocols like Aave V3. The attacker borrowed large amounts of wrapped ETH, leaving positions with low health factors and raising the possibility of bad debt.
