Kelp DAO Attacker Initiates Laundering of $175 Million in Stolen Ether

The attacker responsible for the $290 million Kelp DAO exploit has begun transferring approximately $175 million in Ether (ETH) to newly created blockchain addresses. According to data from Arkham, the movement involved roughly 75,700 ETH across three separate transactions on Tuesday, signaling an active effort to laundry the stolen funds. The original exploit targeted Kelp DAO’s LayerZero-powered rsETH bridge, where approximately 116,500 restaked Ether (rsETH) was drained. LayerZero attributed the vulnerability to a 'single point of failure' caused by Kelp DAO's 1/1 decentralized verifier network (DVN) configuration, a setup the provider had previously advised against. The impact extended to Aave, where the attacker utilized stolen assets as collateral to borrow further funds. This has left Aave facing potential bad debt estimated between $123.7 million and $230.1 million. Consequently, Aave's total value locked (TVL) plummeted by approximately $10 billion, falling to $16.4 billion as of Tuesday. Liquidity constraints have driven Aave’s borrowing rates for USDt from 3% to 14%, the highest levels since December 2024. While Arbitrum's security council successfully froze 30,766 ETH, the attacker is now utilizing THORChain and Umbra to complicate tracing and recovery efforts.