News linked to both this project and an event.
According to on-chain analyst Ember (@EmberCN), the rsETH incident on April 18 resulted in a funding shortfall of approximately 68,900 ETH (around $160 million): the hacker collateralized rsETH to borrow 99,600 ETH; after Arbitrum recovered 30,700 ETH, the remaining funds were fully converted by the hacker into BTC. The incident has now entered the remediation phase. Aave is coordinating the establishment of a “DeFi United” relief fund, which has so far received cumulative donations totaling 13,500 ETH (approximately $31.45 million). Donors include Lido Finance (2,500 stETH), ether.fi Foundation (5,000 ETH), Aave founder Stani Kulechov (5,000 ETH), Golem Foundation (1,000 ETH), as well as LayerZero and Ink Foundation (amounts undisclosed).
According to on-chain analyst Yujin (@EmberCN), the KelpDAO hacker, over a period of approximately one and a half days, has converted nearly all 75,700 ETH (valued at roughly $175 million) on Ethereum into BTC—primarily via the cross-chain protocol THORChain. This money-laundering activity generated approximately $800 million in trading volume and $910,000 in platform fees for THORChain.
According to Cointelegraph, Admiral Samuel Paparo of the U.S. Navy stated at a hearing before the Senate Armed Services Committee that Bitcoin is a “valuable computer science tool,” and that its proof-of-work technology holds significant applications in cybersecurity—increasing attackers’ costs and enabling the protection of data, information, and command signals, thereby supporting U.S. national security interests. Paparo noted: “Beyond the economic dimension, it has extremely important computer science applications in cybersecurity.” Earlier, in 2023, Jason Lowery of the U.S. Space Force expressed a similar view.
According to on-chain analyst Yu Jin, the KelpDAO hacker began laundering and transferring ETH yesterday afternoon, and by now should have laundered 34,500 ETH (worth $80 million).Most of this ETH was cross-chain swapped into BTC via THORChain, which consequently earned a significant amount in "toll fees":1. THORChain's trading volume surged to $360 million over the past 24 hours, compared to an average daily volume of only $20 million previously.2. THORChain's platform fee revenue reached $420,000 over the past 24 hours, whereas its daily fee income was only $5,000 before.
According to on-chain analyst Specter (@SpecterAnalyst), the North Korean hacking group TraderTraitor began laundering stolen funds from KelpDAO at approximately 3 a.m. Beijing time today—just three hours after the Arbitrum Council froze 30.7 ETH (approximately $71 million). The attackers split the remaining funds across three wallets, holding roughly 25,000 ETH (~$57.6 million), 25,700 ETH (~$59.2 million), and 25,000 ETH (~$57.9 million), respectively. The third wallet immediately initiated laundering operations and now holds only about 3,800 ETH (~$8 million). The majority of the funds were bridged to the Bitcoin network via THORChain, with approximately 99% flowing through this protocol. As a result, THORChain’s daily trading volume surged to $211 million—more than ten times its 30-day average—and generated roughly $189,000 in fees. During this laundering process, the illicit proceeds were also commingled with funds stolen in the BTC Turk (2025) and Bybit (2025) hacks. To date, approximately 442 BTC (~$33 million) linked to these incidents have been traced on the Bitcoin network, and over 400 addresses have been utilized throughout the entire laundering operation.
On-chain investigator ZachXBT updated that funds related to the KelpDAO attack have begun moving: approximately $1.5 million has been cross-chained from Ethereum Mainnet to the Bitcoin network via Thorchain, and roughly $78,000 has been transferred via Umbra. The attacking address initially sourced its funds from Tornado Cash, and fund laundering and cross-chain transfers are ongoing.
Odaily News Trader 0xSun posted stating that news-driven trading remains one of the more cost-effective strategies in the current crypto market, with its core lying in the directionality and volatility brought by events.Reviewing several recent events, including abnormal ETH transactions, Arc fee adjustments, TAO ecosystem changes, RAVE-related investigations, and the KelpDAO security incident, all triggered significant price fluctuations within a short period. He believes that participating in such opportunities relies on either the speed of information acquisition or the ability to judge the impact of events.Furthermore, he indicated that as the recent altcoin market has gradually cooled down, he has resumed the strategy of going long on BTC while hedging by shorting some altcoin assets. He believes that against the backdrop of relatively weak liquidity and the fading of certain narratives, the overall performance of altcoins may face relatively more pressure.
Arkham monitoring shows that a U.S. government address has just transferred $606,470 worth of Bitcoin to Coinbase Prime. This Bitcoin was previously seized by the U.S. government from Ilya Lichtenstein, the Bitfinex hacker. It remains unclear whether this batch of stolen Bitcoin will be sold on Coinbase.
According to on-chain analytics platform Lookonchain (@lookonchain), the U.S. government deposited 8.2 BTC (approximately $606,000) into Coinbase Prime; these funds originated from assets previously seized in connection with the Bitfinex hack.
According to Decrypt, Blockstream CEO Adam Back stated at Paris Blockchain Week that he supports advancing Bitcoin’s quantum resistance upgrade on an opt-in basis, opposing proposals to forcibly freeze quantum-vulnerable addresses. He emphasized that “preparation well in advance is far safer than scrambling to respond during a crisis,” and noted that the Bitcoin community possesses strong coordination capabilities to rapidly address critical vulnerabilities. Previously, developer Jameson Lopp and five others proposed BIP-361 (“Post-Quantum Migration and Legacy Signature Sunset”), which advocates phasing out quantum-vulnerable addresses over five years and ultimately freezing coins held in unmigrated addresses—including approximately 1.7 million bitcoins held by Satoshi Nakamoto.
According to CoinDesk, Adam Back, CEO of Blockstream, stated at Paris Blockchain Week that Bitcoin developers should move forward early with optional post-quantum upgrades—even though practical quantum computers remain far from realization. He noted that Taproot’s flexible design supports integrating new post-quantum signature schemes without affecting existing users. Previously, Jameson Lopp and others proposed BIP-361, aiming to phase out quantum-vulnerable addresses over five years and freeze bitcoins in addresses that fail to complete the migration. Adam Back believes the Bitcoin community can rapidly coordinate a response in an emergency—without needing to predefine freezing arrangements.
BitMEX Research published an article proposing an alternative soft fork to BIP-361, suggesting that dormant bitcoins vulnerable to quantum attacks be frozen only upon confirmed existence of a quantum computer capable of stealing bitcoins. The proposal introduces a “canary fund” mechanism: a special bitcoin address whose private key is unknown but theoretically crackable by a sufficiently powerful quantum computer; users may donate BTC to this address as a bounty. If funds are spent from this address, it signals confirmed quantum threat and automatically triggers the freezing mechanism. BitMEX Research states that this proposal serves as a less contentious alternative to the more controversial BIP-361.
Odaily News Bitcoin Core developer Jameson Lopp stated that compared to potential future quantum computing attacks, he would prefer to "freeze" approximately 5.6 million long-dormant BTC from the network rather than letting them be acquired by attackers. These bitcoins have not moved for over 10 years and may be permanently lost, valued at around $420 billion at current prices. If future breakthroughs in quantum computing lead to the private keys of old addresses being cracked, these assets could be transferred again, potentially triggering severe market volatility or even a crisis of confidence. Although the community recently proposed BIP-361, the proposal is still in its early stages and is not a formally promoted solution, but rather more like a contingency plan for an "extreme risk." (CoinDesk)
Odaily News Bitcoin contributor Jameson Loop and other cryptographers have proposed an initiative that could force Bitcoin holders to migrate their tokens to new quantum-resistant addresses, otherwise their tokens would be permanently frozen by the network itself. In this scenario, holders would technically still "own" the coins but would lose the ability to transfer them. This is known as Bitcoin Improvement Proposal BIP-361, which was updated in Bitcoin's official proposal repository on Tuesday under the title "Post-Quantum Migration and Legacy Signature Deprecation".BIP-361 builds upon the BIP-360 proposal introduced in February. BIP-360 introduced a soft fork (a network upgrade) designed to enable a new transaction type called "Pay-to-Merkle-Root" (P2MR). This method draws from Bitcoin's Taproot (P2TR) framework but removes the key-based spending path, thereby eliminating an element widely considered to be at risk in the quantum era.The BIP-361 proposal divides the migration into three phases. Phase A begins three years after activation, prohibiting anyone from sending new Bitcoin to legacy, quantum-vulnerable addresses. You can still spend from these addresses but cannot receive any coins.Phase B begins five years after activation, rendering legacy signatures (ECDSA and Schnorr) completely invalid. The network will reject any attempts to spend coins from quantum-vulnerable wallets. Essentially, your coins will be frozen.Finally, there is Phase C, a still-under-research rescue plan: holders of frozen wallets may be able to prove ownership via zero-knowledge proofs (a method of proving knowledge of a secret without revealing the secret itself). If successful, coins frozen in Phase B could be recovered. (CoinDesk)
According to Cointelegraph, Cypherpunk Jameson Lopp and several other Bitcoin quantum-security experts have proposed Bitcoin Improvement Proposal BIP-361, recommending the freezing of quantum-vulnerable addresses—including the Satoshi Nakamoto reserve—to prevent future quantum computers from stealing approximately 1.7 million bitcoins. The proposal proceeds in three phases: first, prohibiting transfers to legacy addresses; second, invalidating legacy signatures and freezing unmigrated assets after five years; and third, enabling partial users to recover frozen funds via zero-knowledge proof mechanisms. The proposal aims to drive the entire network’s migration to quantum-resistant addresses, but has drawn opposition from some community members who argue it violates Bitcoin’s decentralization principles and carries authoritarian and confiscatory characteristics.
According to The Block, U.S. musician Garrett Dutton (stage name G. Love) lost 5.9 BTC—worth approximately $420,000—after downloading and using a counterfeit Ledger wallet app from the App Store and entering his recovery phrase. On-chain analyst ZachXBT discovered that the attacker laundered the stolen Bitcoin via the KuCoin platform. This incident once again exposes the security risks posed by fake wallet apps, reminding users to exercise heightened caution when downloading and using cryptocurrency-related applications, and to avoid entering sensitive information through unofficial channels.
Currently, quantum threats to Bitcoin remain theoretical, but companies such as Google and Cloudflare have already begun preparations and set a target of completing post-quantum migration by 2029.
According to The Block, Avihu Levy, a researcher at StarkWare, published a paper proposing the Quantum Safe Bitcoin (QSB) scheme, claiming it enables quantum-resistant transactions under Bitcoin’s existing script rules—without requiring a soft fork. This scheme replaces elliptic-curve cryptography with the RIPEMD-160 hash function via a “hash-to-signature” puzzle, thereby enhancing resilience against quantum attacks. The paper notes that QSB’s current per-transaction cost ranges from $75 to $150—significantly higher than today’s average transaction fee—and involves complex user experience; thus, it is recommended only as a “last resort.” The scheme remains constrained by script opcodes and size limits, and does not yet support all use cases—such as the Lightning Network. Compared to BIP-360—which requires protocol-level changes—QSB needs no modifications to the Bitcoin protocol, but remains experimental.
According to ZachXBT, BitcoinDepot filed an 8-K on April 6, 2026, stating that it discovered the theft of 50.9 BTC on March 23; on-chain tracking shows that 19 high-confidence theft addresses had already transferred a total of 54.45 BTC as early as March 20—3.55 BTC more than disclosed—and the funds ultimately flowed into KuCoin, indicating the company may have detected the anomaly three days late.
According to Decrypt, Bitcoin ATM operator Bitcoin Depot filed a disclosure with the U.S. Securities and Exchange Commission (SEC) revealing that it suffered a cybersecurity attack on March 23. Hackers infiltrated the company’s IT systems to obtain credentials for its digital asset settlement account and stole approximately 50.9 BTC—valued at roughly $3.665 million—from the company’s wallet. Following the incident, the company activated its incident response protocol, engaged external cybersecurity experts to conduct an investigation, and notified law enforcement authorities. Bitcoin Depot stated that its customer platform and user data remained unaffected. The company classified this event as a material matter, which may result in reputational damage and additional legal and regulatory costs.