Crypto firms trade blame after biggest heist of 2026, $71M frozen

Published: 21 April 2026
bitcoin logo sculpture made from scrap metal, frozen on snow, mining truck in the background
Bitcoin sculpture in the Arctic's first crypto farm. Andrey Rudakov/Bloomberg/Getty.

While security experts are working to trace and stop the criminals behind the biggest crypto hack of 2026 and have already frozen millions in stolen funds, the two involved parties, Kelp DAO and LayerZero, have started the blame game.

First, on Tuesday morning (UTC time), the Security Council of the Arbitrum blockchain said it had frozen 30,766 ETH ($71 million) held at an address linked to the $292 million Kelp DAO exploit.

The Council said they "acted with input from law enforcement."

ADVERTISEMENT

"After significant technical diligence and deliberation, the Security Council identified and executed a technical approach to move funds to safety without affecting any other chain state or Arbitrum users," they said, adding that the fate of the frozen funds will now depend on Arbitrum governance, which will be coordinated with relevant parties."

While this decision drew the usual criticism over a lack of decentralization, as someone can just freeze funds, Taylor Monahan, a security expert and researcher at crypto wallet Metamask, suggested that, as decentralized finance (DeFi) platforms “have several single-points-of-failure," they could be identified and used to intercept the stolen funds, while fixing these points right afterward.

Meanwhile, Kelp responded to LayerZero's accusations that the hack was enabled by the poor configuration of its DVN (decentralized verifier network used to verify the integrity of cross-chain messages), which was a single-DVN setup.

According to LayerZero, the industry best practice is to configure a multi-DVN setup with diversity and redundancy, so no single DVN becomes a single point of failure.

Kelp claimed that this single DVN setup "is the configuration documented in LayerZero's documentation and shipped as the default."

"Kelp has operated on LayerZero infrastructure since January 2024 and has maintained an open communication channel with the LayerZero team throughout. The question of DVN configuration came up during Kelp's L2 expansion, and defaults were affirmatively confirmed as appropriate at that time," the team said, concluding that "establishing a shared and accurate account of what happened is the foundation for making the right fixes together."

ADVERTISEMENT

Meanwhile, the broader DeFi industry continues to grapple with the consequences of the hack. For example, the DeFi giant Aave is evaluating potential losses due to the incident.

Under one scenario, if the losses are spread evenly across all the stolen rsETH token holders, the protocol would face about $124 million in bad debt. In the second scenario, bad debt roughly doubles to $230 million.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT