Arbitrum has taken decisive action to freeze 30,766 ETH associated with the KelpDAO exploit, thwarting the attacker’s attempts to bridge out the funds. The intervention, valued at over $70 million, was made possible through collaboration with law enforcement, indicating progress in identifying the exploiter.
The freeze came just in time: blockchain investigators had flagged the attacker's efforts to move the assets off Arbitrum using a native bridge. Had the transfer been completed, the stolen ETH would likely have been merged into a larger pool of illicit assets circulating across multiple chains.
Despite preventing nearly 29% of the stolen funds from entering the laundering pipeline, Arbitrum was unable to stop the attacker from routing approximately 75,701 ETH, amounting to around $175 million, to Ethereum mainnet. Subsequently, the funds were transferred to Bitcoin through decentralized protocols like THORChain, Chainflip, and Umbra Cash, facilitating cross-chain swaps without the need for centralized exchanges.
Analysts observed meticulous planning on the part of the attacker, who left only minimal amounts in wallets to cover transaction fees while diverting the bulk of the funds through new routes. This approach, coupled with parallel transactions totaling $176 million, complicates recovery efforts and reduces the attacker's exposure to any single point of failure.
Investigators have drawn parallels between the KelpDAO exploit and North Korea’s Lazarus Group, specifically TraderTraitor, based on transaction patterns and laundering techniques. Lazarus Group has a history of targeting crypto platforms and employing sophisticated cross-chain strategies to obfuscate stolen funds, a tactic evident in the KelpDAO incident.
In conclusion, the KelpDAO exploit exemplifies the evolving landscape of cryptocurrency theft, highlighting the need for heightened security measures and international cooperation in combating cybercrime.




