Kelp $293M hack; RaveDAO denies pump; Warren questions SEC
An attacker drained $293 million from Kelp’s rsETH bridge. RaveDAO denied a role in a rapid RAVE pump-and-crash. Sen. Elizabeth Warren accused SEC Chair Paul Atkins of misleading Congress.
Security firm Cyvers and blockchain analysts reported that on Saturday an attacker drained about $293 million from Kelp’s bridge for the rsETH token. Kelp confirmed it froze rsETH contracts on its mainnet and on several Layer-2 networks while teams worked to contain the breach.
Decentralized lending platform Aave paused rsETH markets on Aave V3 and V4. Cyvers said at least nine other protocols with exposure to rsETH moved to freeze activity or apply other safeguards to limit further losses.
The rsETH token represents ETH that has been restaked and can be routed across networks through bridges. Cyvers reported the attacker exploited the bridge contract for rsETH to move funds off the network.
Kelp has not released a full breakdown of losses or a recovery plan. The incident followed other large attacks this month, including a $280 million drain from Drift Protocol.
RaveDAO posted on X that it was “not engaged in, nor responsible for, recent price action” after the RAVE token surged from roughly $0.25 to nearly $28 and then collapsed. Onchain investigator ZachXBT alleged a coordinated pump-and-dump, citing concentrated token holdings and transfers between exchanges and wallets and claiming more than 90% of supply may be held by insiders.
Binance CEO Richard Teng wrote, “We’re looking into it,” and Bitget CEO Gracy Chen wrote the exchange had “started investigating” RAVE trading activity. Both exchanges opened probes into the trading patterns.
Sen. Elizabeth Warren wrote to SEC Chair Paul Atkins, citing the SEC’s fiscal 2025 enforcement report and saying the number of enforcement actions was at its lowest level in more than 20 years. She noted that at a Feb. 12 hearing Atkins said he was “not sure what data” she was referencing and asked the agency for clarification and additional information. Her letter did not request specific sanctions.
Investigators and onchain analysts are examining transaction histories to trace stolen funds and identify responsible addresses. Developers and platforms froze contracts and trading related to the incidents while reviews and probes continue.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
