News linked to both this project and an event.
According to on-chain analyst Ember (@EmberCN), the rsETH incident on April 18 resulted in a funding shortfall of approximately 68,900 ETH (around $160 million): the hacker collateralized rsETH to borrow 99,600 ETH; after Arbitrum recovered 30,700 ETH, the remaining funds were fully converted by the hacker into BTC. The incident has now entered the remediation phase. Aave is coordinating the establishment of a “DeFi United” relief fund, which has so far received cumulative donations totaling 13,500 ETH (approximately $31.45 million). Donors include Lido Finance (2,500 stETH), ether.fi Foundation (5,000 ETH), Aave founder Stani Kulechov (5,000 ETH), Golem Foundation (1,000 ETH), as well as LayerZero and Ink Foundation (amounts undisclosed).
According to on-chain analyst PeckShield (@PeckShieldAlert), the KelpDAO attacker has transferred ETH from Ethereum to Arbitrum via the Across Protocol, swapped it for USDT, and then routed the funds to TRON DAO via LayerZero.
According to on-chain analyst Specter (@SpecterAnalyst), the North Korean hacking group TraderTraitor began laundering stolen funds from KelpDAO at approximately 3 a.m. Beijing time today—just three hours after the Arbitrum Council froze 30.7 ETH (approximately $71 million). The attackers split the remaining funds across three wallets, holding roughly 25,000 ETH (~$57.6 million), 25,700 ETH (~$59.2 million), and 25,000 ETH (~$57.9 million), respectively. The third wallet immediately initiated laundering operations and now holds only about 3,800 ETH (~$8 million). The majority of the funds were bridged to the Bitcoin network via THORChain, with approximately 99% flowing through this protocol. As a result, THORChain’s daily trading volume surged to $211 million—more than ten times its 30-day average—and generated roughly $189,000 in fees. During this laundering process, the illicit proceeds were also commingled with funds stolen in the BTC Turk (2025) and Bybit (2025) hacks. To date, approximately 442 BTC (~$33 million) linked to these incidents have been traced on the Bitcoin network, and over 400 addresses have been utilized throughout the entire laundering operation.
Odaily News According to on-chain analyst Yu Jin's monitoring, the Arbitrum chain project team has frozen the 30,766 ETH ($70.97 million) that the KelpDAO hacker had placed on the Arbitrum chain. Through technical means, they transferred these 30,766 ETH from the hacker's wallet to the address 0x0000000000000000000000000000000000000da0, which is controlled by the Arbitrum chain. After the recovery of these 30,766 ETH, the hacker still holds 75,700 ETH ($175 million) on the Ethereum chain.
According to an official disclosure by Hyperbridge, the losses from the Token Gateway vulnerability incident on April 13 have been revised upward from an initial estimate of $237,000 to approximately $2.5 million. The increase stems primarily from losses incurred in incentive pools on Ethereum, Base, BNB Chain, and Arbitrum. The attacker extracted roughly 245 ETH from related contracts, then bypassed the MMR proof verification mechanism by forging cross-chain messages, minting 1 billion bridged DOT tokens and dumping them onto illiquid markets. Currently, some of the stolen funds have been traced on-chain to Binance. Hyperbridge is collaborating with Binance’s compliance team and law enforcement agencies to investigate the incident. Polkadot-native DOT and products such as Intent Gateway remain unaffected. The Token Gateway and bridged DOT contracts on the four affected EVM chains remain suspended. An external audit of the patched MMR verification logic is underway, and bridging functionality will be restored upon completion of the audit.