News linked to both this project and an event.
According to an official post by Umbra (@UmbraCash), the privacy payment protocol Umbra was used to transfer funds related to a recent hacking incident, involving 349 ETH (approximately $800,000). Umbra stated that, as its privacy address system primarily protects the recipient’s identity—not the sender’s—it offers limited practical assistance to hackers attempting to obscure the origin of stolen funds. All stolen funds remain identifiable and traceable. The team has been in active communication and collaboration with security researchers. Umbra also noted that the protocol is powered entirely by autonomous smart contracts; thus, the team cannot prevent anyone from using the contracts or self-hosted frontend versions. In support of fund recovery efforts, the team placed the hosted frontend into maintenance mode at 6:45 a.m. ET on April 21. Access will be restored once it is confirmed that doing so will not impede the recovery process. The protocol itself continues operating normally, and all funds held within privacy addresses remain secure.
Odaily News: Privacy protocol Umbra has shut down its hosted frontend website to prevent attackers from using the protocol to transfer stolen funds from a recent security incident. Umbra stated that approximately $800,000 in funds were transferred through its protocol, but the protocol only hides the recipient's identity, and the related transactions can still be tracked on-chain. This measure follows the attack on the Kelp protocol, which resulted in losses exceeding $280 million. Umbra said it will restore frontend services after confirming it does not affect asset recovery efforts, but it cannot prevent users from continuing to use the protocol via smart contracts or self-hosted frontends. (Cointelegraph)
On-chain investigator ZachXBT updated that funds related to the KelpDAO attack have begun moving: approximately $1.5 million has been cross-chained from Ethereum Mainnet to the Bitcoin network via Thorchain, and roughly $78,000 has been transferred via Umbra. The attacking address initially sourced its funds from Tornado Cash, and fund laundering and cross-chain transfers are ongoing.