Kelp DAO Hacker Converts 75,700 ETH Haul Through THORchain Cross-Chain Bridge
The perpetrator behind the Kelp DAO exploit has successfully funneled nearly all 75,700 stolen ETH through THORchain's cross-chain bridge infrastructure, effectively laundering what amounts to approximately $175 million in illicit crypto assets. The Laundering Operation Unfolds We're tracking
The perpetrator behind the Kelp DAO exploit has successfully funneled nearly all 75,700 stolen ETH through THORchain's cross-chain bridge infrastructure, effectively laundering what amounts to approximately $175 million in illicit crypto assets.
The Laundering Operation Unfolds
We're tracking a sophisticated money-laundering scheme here. The attacker linked to the Kelp DAO breach moved the vast majority of their stolen ethereum through THORchain—a decentralized cross-chain protocol designed to facilitate swaps between different blockchains. This move suggests the threat actor understands how to navigate crypto's liquidity infrastructure to obscure asset origins and convert holdings into different chains or tokens.
The scale here is significant: 75,700 ETH represents one of the larger DeFi exploit hauls we've seen recently. By routing through THORchain rather than attempting a direct sell-off, the perpetrator avoided the sudden liquidity impact and on-chain visibility that would come from dumping massive amounts of ethereum on traditional crypto exchanges. It's textbook sophisticated money laundering—using decentralized infrastructure to break the transaction trail.
Arbitrum's Intervention: A Partial Victory
Here's where the story gets more complex. Another $71 million worth of stolen ethereum sits frozen courtesy of Arbitrum's security council intervention. This represents a meaningful recovery effort, though clearly not complete. The security council essentially deployed emergency measures to halt asset transfers on the Arbitrum network layer, preventing the full extent of the theft from escaping into circulation.
This partial freeze underscores a critical tension in crypto security: while layer-two networks like Arbitrum can implement network-level controls, they're ultimately powerless once assets migrate to different chains or get routed through decentralized protocols like THORchain. The attacker understood this dynamic and acted accordingly.
What This Tells Us About DeFi Security
The Kelp DAO exploit and subsequent laundering operation reveal uncomfortable truths about our ecosystem's current vulnerability surface. These aren't random actors—this is precision work. The attacker:
- •Identified a specific vulnerability in Kelp DAO's smart contracts
- •
Alpha Take
The Kelp DAO exploit demonstrates that sophisticated attackers now operate with clear knowledge of crypto's liquidity infrastructure and recovery mechanisms. Institutional traders and portfolio managers should reassess exposure to DeFi protocols lacking adequate circuit-breakers and emergency pause mechanisms. The security council's partial intervention shows blockchain networks can respond to exploits, but decentralized bridges like THORchain remain largely outside these protective perimeters—a critical consideration for risk management and market intelligence assessments.
Originally reported by
CoinTelegraph
Not financial advice. Crypto investing involves significant risk. Past performance does not guarantee future results. Always do your own research.