Following the cyber attack that occurred over the weekend and had wide repercussions in the cryptocurrency ecosystem, Arbitrum Security Council froze 30,766 ETH worth approximately $71.1 million. This amount was detected at an address on Arbitrum One and was announced to be related to the $292 million Kelp DAO attack.
While funds were secured, users were not affected
The Arbitrum team announced in a statement on its social media account on Tuesday that the security council transferred the funds in question to a frozen intermediary wallet. It was especially emphasized that this move was limited only to the relevant funds and did not have any negative impact on the general condition of the platform or the users.
It was stated that the final decision regarding the fate of the funds was left to the management processes of the Arbitrum community. Unless a vote or other governance decision is taken, these ETH assets will remain frozen.
In the announcement shared by Arbitrum, it was stated that “The Security Council took action in line with the information received from law enforcement regarding the identity of the malicious attacker, and care was taken not to compromise the integrity of the Arbitrum community.”
Kelp DAO attack resulted in huge losses
This security measure comes on the heels of a large-scale attack on the Kelp DAO over the weekend, which caused great outrage in the industry. As a result of the vulnerability in Kelp DAO, which is known for its cross-chain bridges and uses the LayerZero infrastructure, a total of 116,500 rsETH tokens were stolen from the platform. It was recorded that the value of this amount was approximately 292 million dollars, which was interpreted as one of the record levels for such attacks.
The first findings of the research brought to the agenda that the source of the attack may be connected to the famous North Korea-based hacker group Lazarus. In the evaluation made by the LayerZero team, it was stated that the traces behind the incident were similar to previous hacker attacks.
System vulnerability and debate between parties
LayerZero officials criticized the decentralized verification configuration with a 1-to-1 prover used by Kelp DAO, claiming that this system lacked an independent control mechanism and that this vulnerability created a vulnerability that could be used for fraud.
In response to the criticisms, Kelp DAO management reminded that this criticized verification infrastructure is offered by default by LayerZero. Thus, they took a stance that the responsibility could not be placed entirely on them.
It was observed that the discussion between the parties brought to the agenda the review of the security architecture in bridge protocols and standards for the protection of crypto assets.
These developments have once again brought to the fore security discussions in cross-chain fund transport infrastructures in the decentralized finance ecosystem. While the repercussions of the incident continue, those responsible for the attack and the processes of recovering the stolen funds are closely monitored by the community and authorities.
