•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Arbitrum has moved to freeze a large portion of funds tied to the Kelp DAO exploit as the fallout from a cross-chain breach continues to unfold.
In a Tuesday update, Arbitrum said its Security Council seized 30,766 ETH from an address linked to the attacker on Arbitrum One. The assets were placed into a frozen intermediary wallet to prevent further movement.
Arbitrum said the intervention was carried out without interrupting network operations or affecting users and applications. The funds are expected to remain locked unless governance decides on the next course of action.
The network added that the Security Council acted with input from law enforcement regarding the exploiter’s identity, while weighing its commitment to community security and integrity without impacting Arbitrum users or applications.
Arbitrum’s action follows days after a major exploit targeting Kelp DAO’s LayerZero-powered bridge drained 116,500 rsETH, valued at about $292 million.
Early analysis from LayerZero linked the attack to North Korea’s Lazarus Group, citing a coordinated compromise of RPC nodes used within the decentralized verified network.
Investigators said two nodes were poisoned and a third was disrupted through a DDoS attack. This sequence allowed a malicious cross-chain message to pass validation and mint rsETH without backing.
Portions of the stolen assets were later routed into Aave V3. The attacker reportedly used rsETH as collateral to borrow wrapped ETH, raising concerns about potential system-wide exposure.
In response, Kelp DAO halted contracts and blacklisted wallets tied to the breach. It said the measures blocked an additional 40,000 rsETH, estimated at roughly $95 million, from being drained.
Recovery work and coordination with ecosystem partners is ongoing.
Tensions have surfaced between LayerZero and Kelp DAO regarding the configuration used to secure the bridge.
LayerZero said the project relied on a 1-of-1 decentralized verified network (DVN) configuration, arguing that such a setup creates a single point of failure without independent validation.
LayerZero also stated that it and other external parties previously communicated best practices around DVN diversification to Kelp DAO, adding that the project “chose to utilize a 1/1 DVN configuration.”
Kelp DAO disputed LayerZero’s characterization, saying the configuration was part of the default deployment framework.
The project said the “1-of-1 DVN setup” is the configuration documented in LayerZero’s documentation and shipped as the default for any new OFT deployment. Kelp DAO added that the design had been “affirmatively confirmed as appropriate” in earlier discussions.
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
