Arbitrum Freezes $70M ETH Linked to KelpDAO Exploit, LayerZero Dispute

Arbitrum’s Security Council froze about 30,766 ETH (≈$70.94M) on Arbitrum One tied to the KelpDAO exploit address. Arbitrum said it transferred the funds to an intermediary wallet on April 20 (11:26 pm ET) so the hackers can’t access them, while any further movement will require governance decisions coordinated with law enforcement. The latest reports add details on the attack path. Onchain Labs said the exploiter likely burned the same 30,766 ETH, and KelpDAO’s April 18 incident resulted in about 116,500 rsETH lost (≈$292M). The target was a LayerZero Labs-based cross-chain bridge, reportedly involving compromised RPC nodes and approval of a fraudulent cross-chain message. LayerZero disputed the adequacy of KelpDAO’s verification, citing a 1-of-1 DVN setup, while KelpDAO argued this configuration matched LayerZero documentation and was the default. DeFi lending contagion risk also emerged. On Aave V3, the attacker deposited rsETH collateral and borrowed large amounts of wrapped ETH, leaving positions with low health factors and increasing bad-debt risk. For traders, this Arbitrum freezes ETH response can reduce immediate sell pressure from the stolen funds, but the broader breach dispute and Aave risk keep near-term uncertainty elevated for ETH-linked liquidity.