Kelp DAO exploit developments are escalating as the attacker moves stolen Ether across multiple wallets. The latest transfers signal a potential laundering phase after the massive breach. Meanwhile, investigators and DeFi platforms are racing to contain the fallout.
Table of Contents
Kelp DAO Exploit Triggers Massive Ether Transfers
The Kelp DAO exploit has taken a new turn with large-scale Ether movements. On Tuesday, the attacker transferred approximately 75,700 ETH. This amount equals nearly $175 million at current market prices.
Arkham Intelligence identified three major transactions tied to the exploit. First, the attacker sent 25,000 ETH to a newly created wallet. এরপর, they moved 50,700 ETH and a smaller 0.7 ETH to another address.
These transfers suggest a clear attempt to obscure fund origins. Moreover, splitting funds across wallets often complicates tracking efforts. As a result, blockchain analysts are closely monitoring each transaction.
Investigators Track Laundering Routes Through DeFi Protocols
Blockchain investigator ZachXBT provided further insights into the Kelp DAO exploit. According to his findings, the attacker has begun routing funds through THORChain and Umbra.
Specifically, three THORChain transactions totaled around $1.5 million. בנוסף, a separate $78,000 transfer occurred through Umbra. These platforms enable privacy-focused transactions, making tracing more difficult.
THORChain, in particular, operates without traditional KYC requirements. Therefore, it remains a preferred tool for attackers seeking anonymity. You can learn more about THORChain at https://thorchain.org.
This pattern mirrors previous high-profile exploits. For instance, attackers in the 2025 Bybit hack used similar laundering strategies. Consequently, experts expect further movement across decentralized networks.
Root Cause: Vulnerability in LayerZero Integration
The Kelp DAO exploit originated from a critical infrastructure weakness. The attacker drained approximately 116,500 rsETH, valued between $290 million and $293 million.
LayerZero later explained the underlying issue. Kelp DAO relied on a 1/1 decentralized verifier network setup. This configuration created a single point of failure.
Although LayerZero had warned against this design, the risk remained unaddressed. As a result, the attacker exploited the verification pathway to execute the breach.
For technical details on LayerZero architecture, visit https://layerzero.network.
Arbitrum Freezes Funds to Limit Damage
In response to the Kelp DAO exploit, Arbitrum took emergency action. Its 12-member security council froze 30,766 ETH linked to the attack.
The frozen assets now reside in an intermediary wallet. Access to this wallet requires governance approval, ensuring controlled handling.
This move demonstrates how decentralized governance can respond quickly during crises. However, it also highlights the growing need for proactive security measures.
Ripple Effects Across the DeFi Ecosystem
The Kelp DAO exploit has significantly impacted multiple DeFi protocols. Aave, in particular, experienced major disruptions.
The attacker used stolen funds as collateral to borrow assets. Initially, estimates suggested losses of around $195 million. Սակայն, Aave later outlined two possible outcomes.
One scenario predicts $123.7 million in bad debt. Alternatively, losses could reach $230.1 million under worse conditions.
These uncertainties have shaken investor confidence. Consequently, Aave’s total value locked dropped sharply. According to https://defillama.com, TVL fell by nearly $10 billion to $16.4 billion.
Liquidity Crunch Drives Borrowing Rates Higher
The Kelp DAO exploit also triggered liquidity issues across DeFi markets. As funds exited Aave, borrowing conditions tightened rapidly.
For example, USDT borrowing rates surged from 3% to 14%. This marks the highest level since December 2024.
Julio Moreno from CryptoQuant highlighted this spike as a direct consequence of reduced liquidity. You can explore CryptoQuant insights at https://cryptoquant.com.
Higher rates often discourage borrowing activity. However, they also reflect increased risk within the ecosystem.
Aave Begins Gradual Recovery Measures
Despite the disruption, Aave has started recovery efforts. On Tuesday, the platform unfroze Wrapped Ether reserves on Ethereum Core V3.
This decision allows users to supply WETH once again. However, reserves on other networks remain frozen. These include Arbitrum, Base, Mantle, and Linea.
Such cautious steps aim to stabilize the platform. At the same time, they prevent further exploitation risks.
Comparison With Previous Major Crypto Hacks
The Kelp DAO exploit shares similarities with earlier incidents. Notably, the 2025 Bybit hack involved extensive Ether laundering.
During that event, attackers converted 83% of stolen ETH into Bitcoin. Furthermore, 72% of funds moved through THORChain.
Despite these efforts, about 77% of the funds remained traceable. This demonstrates that blockchain transparency still offers investigative advantages.
Therefore, experts remain optimistic about tracking Kelp DAO funds, despite current laundering attempts.
What This Means for DeFi Security
The Kelp DAO exploit underscores critical vulnerabilities in decentralized finance. Single points of failure remain a major concern.
Additionally, cross-chain bridges continue to attract attackers due to their complexity. As DeFi grows, these risks will likely increase.
Projects must adopt stronger verification systems and multi-layer security. Otherwise, similar exploits could become more frequent.
Investors should also evaluate protocol security before committing funds. Transparency, audits, and decentralization levels are key indicators.
Conclusion: Ongoing Threat and Industry Response
The Kelp DAO exploit is far from over. The attacker’s movement of $175 million in Ether marks a new phase in the incident.
Meanwhile, investigators continue tracking transactions across multiple protocols. DeFi platforms are also implementing emergency measures to limit damage.
Although recovery remains uncertain, the incident offers valuable lessons. Stronger infrastructure and better risk management are essential moving forward.
Ultimately, the Kelp DAO exploit highlights both the strengths and weaknesses of decentralized finance. The coming weeks will determine how effectively the ecosystem adapts.
Read Also: South Korea Crypto Exchange Rules Tighten With Five-Minute Asset Verification Mandate
Comments are closed.