Scams Radar

Icon-facebook Icon-instagram-1 Tiktok Telegram Whatsapp Youtube Youtube

Quick Take

Arbitrum logo representing ETH freeze after Kelp DAO hack and Layer 2 security response
  • The Arbitrum Security Council has frozen 30,766 ETH (worth approximately $71.1 million) in an address on Arbitrum One connected to the recent Kelp DAO exploit.
  • The frozen funds have been moved to an intermediary wallet and will only be released or moved through a formal Arbitrum governance vote.
  • The action was taken with input from law enforcement regarding the exploiter’s identity, while ensuring no impact on other users or applications on the chain.

Details of the Freeze

In a statement posted on X on April 21, 2026, Arbitrum confirmed that the Security Council acted swiftly to secure the stolen assets. The council emphasized that the freeze protects the integrity of the Arbitrum ecosystem without disrupting normal operations for users or dApps. The funds remain frozen pending further governance approval, meaning any future movement will require community consensus via an on-chain vote.

This is one of the largest asset freezes executed by a major Layer 2 network in response to a hack, demonstrating the growing role of security councils in mitigating exploits.

Background on the Kelp DAO Exploit

The freeze follows a major exploit over the weekend on Kelp DAO, a LayerZero-powered cross-chain bridge. The attack resulted in the theft of 116,500 rsETH tokens, valued at roughly $292 million at the time.

Preliminary investigations by LayerZero pointed to the North Korean hacking group Lazarus as the likely perpetrator. LayerZero also criticized Kelp DAO for using a 1-of-1 decentralized verified network (DVN) configuration, which created a single point of failure and failed to detect the fraudulent cross-chain message.

Kelp DAO responded by noting that the 1-of-1 DVN setup was the default configuration provided by LayerZero at the time of deployment.

Implications for the Ecosystem

  • Positive signal: The rapid response from the Arbitrum Security Council shows improved coordination between Layer 2 teams, law enforcement, and governance mechanisms when dealing with large-scale exploits.
  • Ongoing risks: The incident highlights continued vulnerabilities in cross-chain bridges and the importance of robust multi-DVN verification.
  • For users: No other addresses or applications on Arbitrum were affected. The freeze is limited to the specific exploiter-linked wallet.

Bitcoin (BTC) and the broader market remain largely unaffected so far, but such high-profile incidents often increase calls for stronger security standards across Layer 2s and bridges.

Investor note: Always verify bridge security configurations and avoid unverified cross-chain interactions, especially with new or lesser-audited protocols.

Reviews:

Leave Your Review Here:

Scams Radar disclaimer highlighting educational purpose, no financial guarantees, risk warnings, and independent opinions.