Kelp DAO attacker laundered nearly all 75,700 ETH via THORchain
The attacker who stole 75,700 ETH from Kelp DAO laundered nearly all of the funds through THORchain cross-chain swaps.
On-chain records show the attacker who stole 75,700 ETH from Kelp DAO moved nearly all the tokens through THORchain using the protocol’s cross-chain swap functions. The bulk of the ether was routed through THORchain liquidity pools and converted into other assets shortly after the breach.
The attacker split the funds into multiple chunks and executed a series of swaps on THORchain that converted native Ethereum assets into tokens on other blockchains without wrapped tokens or centralized intermediaries. The swaps dispersed value across token types and chains in a concentrated window immediately after the exploit, according to transaction timings visible on public block explorers.
Analysts tracking addresses tied to the theft reported that roughly the full 75,700 ETH passed through THORchain-controlled swap routes. Some converted funds were moved into stablecoins and other liquid assets and then forwarded to intermediary addresses.
Kelp DAO representatives and independent security firms are reviewing the on-chain movements to identify possible recovery paths and to map the attacker’s withdrawal strategy. Efforts to freeze or reclaim assets depend on where the laundered funds are deposited, particularly if they reach centralized exchanges or custodial services that apply know-your-customer checks.
THORchain is a decentralized liquidity network that enables trustless cross-chain swaps by using liquidity pools and node operators. Its design lets users swap native assets across blockchains without intermediaries and allows rapid conversion and distribution of value across chains.
Security professionals say tracing funds across multiple chains requires coordinated analysis of swap events, liquidity pool flows and subsequent transactions on target chains. Recovery typically hinges on identifying when and where an attacker converts on-chain tokens into fiat or deposits them on platforms that can link funds to real identities.
Kelp DAO members are working with external investigators to map the flow of the stolen ETH and to determine next steps for remediation and governance, including potential proposals to replenish the treasury. The DAO notified stakeholders after the loss.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
