Arbitrum council freezes 30,766 ETH linked to Kelp hack
Arbitrum’s security council froze 30,766 Ether (about $71.2 million) from a wallet tied to the Kelp protocol hack and moved the funds to an intermediary frozen wallet.
On Monday Arbitrum’s security council froze 30,766 Ether, roughly $71.2 million, from a wallet connected to the Kelp protocol exploit and transferred the assets to an intermediary frozen wallet that can only be moved by Arbitrum governance. The council described the action as emergency containment to prevent the original address from moving the funds.
The council that approved the freeze is a 12-member body elected by the Arbitrum community. The vote followed a breach of the Kelp protocol on Saturday. Kelp, a liquid restaking protocol, was exploited through its LayerZero-powered bridge, with at least $293 million taken. LayerZero attributed the attack to North Korean actors.
Attackers converted stolen Kelp tokens into assets that could be borrowed and used those assets to take loans on the lending protocol Aave, producing millions of dollars in bad debt across related lending markets. Arbitrum said the council acted with input from law enforcement and aimed to protect the security and integrity of the Arbitrum network while avoiding impact on other users or applications.
Griff Green, a member of the security council, wrote on X that the group “did not make this decision lightly,” and that nine of the 12 members voted in favor of freezing the funds. The council did not provide a timetable for governance action or additional operational details about the frozen wallet.
The frozen assets are now subject to Arbitrum governance processes that will determine whether funds are returned to victims, used to offset bad debt, or otherwise handled according to network rules. The council described the intermediary wallet as a temporary measure while governance considers next steps.
Users on X reacted to the freeze with criticism and questions about decentralization, while other users posted that freezing funds can limit further losses after large exploits. The incident highlights risks in cross-chain bridges, which move assets between blockchains and are frequent attack targets, and in liquid restaking protocols, which let users reuse staked assets and can create additional interdependence across protocols.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
