Millions in Stolen Cryptocurrency Being Laundered by KelpDAO Hackers

Following the $290 million KelpDAO heist, the perpetrators are now attempting to legitimize their illicit gains, as revealed by on-chain analyst ZachXBT and data provided by Arkham. On Tuesday, during European business hours, the wallet controlling the stolen funds made two significant transfers on the Ethereum blockchain, valued at $117 million and $58 million, according to Arkham. ZachXBT has reported that a portion of the stolen cryptocurrency is being moved across different blockchain networks. Approximately $1.5 million was transferred from Ethereum to Bitcoin via Thorchain, while an additional $78,000 was routed through the Umbra privacy protocol. Notably, the North Korean hacking group Lazarus has previously employed similar protocols, such as Thorchain, for money laundering purposes. The use of cross-chain transfers and privacy tools is typically associated with the initial 'layering' phase of money laundering, suggesting that the attacker may be preparing to further distribute the funds across multiple platforms. The KelpDAO breach is one of the most significant DeFi security incidents in recent months, triggering a wave of negative sentiment throughout the DeFi sector and raising concerns about potential contagion effects on other blockchain networks. In response to the hack, Arbitrum, a Layer 2 network, announced on Monday that it had frozen $71 million in ether linked to the breach, a move that could pressure the hacker to accelerate their efforts to move and launder the remaining stolen funds.