Hackers exploited Kelp DAO’s cross-chain bridge on Saturday, a move that saw millions of dollars being drained, resulting in a ripple effect across multiple crypto platforms.
The attacker stole about 116,500 rsETH, a token issued by Kelp DAO that represents “restaked” Ethereum by targeting a bridge built using LayerZero, a system that allows different blockchains to communicate.
Kelp DAO is a restaking protocol that lets users deposit staking tokens like stETH and cbETH and get rsETH in return. They can then use rsETH in other crypto apps.
The exploit sparked a broad liquidity crunch across DeFi, sparking heavy withdrawals from major lending platforms, including Aave. Developers claim the hack stemmed from a misconfigured cross-chain verification setup in LayerZero-based infrastructure.
XRP Loses ETF Appeal to Bitcoin in $1.4 Billion Week, Binance Whale Bags Billions of SHIB Amid Asteroid Shiba Surge, Dogecoin Price Turns Green for Doge Day: Morning Crypto Report
Breaking: Strategy Announces Third-Biggest Bitcoin Purchase Ever
You Might Also Like
The incident affected about 18% of the rsETH supply and follows a string of large DeFi hacks this month (including a $285 million hack of Solana’s Drift protocol, smaller protocols such as CoW Swap, Zerion, Rhea Finance and Silo Finance), prompting protocols to freeze markets and urgently review their cross-chain configurations.
Where are the funds?
In a recent tweet, Arkham provided an analysis of where the funds might have gone.
According to Arkham, KelpDAO had $293.7 million stolen in an attack by an entity believed to be the Lazarus Group. The attacker forged a cross-chain message by exploiting LayerZero’s DVN (Decentralized Verified Network) to fake a withdrawal of rsETH to Ethereum.
Arkham tracks the path of the funds since the incident happened on Saturday. It was observed that the attacker deposited the majority of the stolen rsETH to AAVE and Compound.
A total of $269.74 million RSETH were deposited to AAVE and Compound, Arkham noted, with the attacker withdrawing a total of $228.21 million of WETH and wstETH from these DeFi protocols. He also swapped a total of $15.34 million rsETH to $14.51 million ETH using Kyberswap, Euler Finance and Wintermute. The attacker now holds $242.18 million in ETH.
Source: https://u.today/293-million-crypto-hack-where-did-funds-go