Autor Cointelegraph By Stephen Katte

DeFi protocol Kelp DAO said it will be migrating its restaking token, rsETH, to the Chainlink oracle platform after the $292 million exploit in April, as it continued to blame the attack on LayerZero’s cross-chain infrastructure.Hackers stole 116,500 Kelp DAO restaked ETH tokens on April 18 from Kelp DAO’s LayerZero-powered bridge, then used them as collateral on Aave v3 to borrow wrapped Ether.“After the recent LayerZero exploit, we are taking steps to ensure rsETH is fully secure, which is why we are migrating to Chainlink CCIP,” Kelp DAO said in an X post on Tuesday.Source: Kelp DAOThe Kelp DAO hack has been one of the year’s largest security incidents, causing broader ecosystem contagion and impacting the interconnected crypto lending market. At the center of the exploit has been an argument over who was responsible for the vulnerability. Kelp says it wasn’t warned of the security risksA day after the exploit, LayerZero released a postmortem arguing the hack occurred because of an inadequate setup tied to Kelp’s decentralized verifier network (DVN), which relied on a single LayerZero DVN as the only verified path rather than requiring multiple independent checks to validate cross-chain transactions. LayerZero said it advised against this setup.However, Kelp DAO said Tuesday the 1-1 setup is the default and is used by many other protocols, citing data from analytics platform Dune that found roughly half of LayerZero users have a single DVN. It also accused LayerZero of approving the setup and failing to warn about the related security risk.“Kelp has operated on LayerZero infrastructure since January 2024 and has maintained an open communication channel with the LayerZero team throughout. The question of DVN configuration came up multiple times and these configurations were confirmed as secure at that time,” Kelp DAO added.Following the hack, LayerZero announced it will no longer validate or approve cross-chain messages for any app that relies on a single verifier, and that it is in the process of migrating protocols using the setup to a multi-DVN. LayerZero CEO says many of the claims are untrueBryan Pellegrino, co-founder and CEO of LayerZero, said in a reply on X that a “ton” of Kelp’s claims were “just completely untrue.”Related: US law firm attempts to block transfer of frozen ETH from Kelp exploitHe argued that Kelp originally used the defaults, which were multi-DVN, and later manually changed to a 1/1 configuration, which isn’t recommended for production applications.“The defaults Kelp is referencing in their screenshot were multiDVN or DeadDVN, which force-rejects an application using the defaults at all and requires them to manually set configuration. rsETH was originally configured to use the default LayerZero configuration of a multiDVN setup of LayerZero Labs + Google,” he added.Source: Bryan PellegrinoPellegrino also said a complete postmortem by external security firms would be published soon. North Korea-linked hackers are suspected of being behind the attack on Kelp and the April 1 exploit of decentralized exchange Drift, which totaled $285 million. Magazine: Bitcoiners eye ‘sell in May,’ SBF’s bid for new trial shut down: Hodler’s Digest, April 26 – May 2Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Decentralized finance protocol Aave filed an emergency motion on Monday in New York to vacate a restraining notice from a US law firm aimed at blocking Arbitrum DAO from transferring 30,766 Ether to the victims of the Kelp exploit. Gerstein Harrow LLP served Arbitrum DAO with a restraining notice on Friday, arguing its clients are owed over $877 million in default judgments against North Korea. The law firm claims the North Korean hacker group behind the Kelp exploit had possession of the tokens, giving its clients a legal claim over the Ether.Aave filed the emergency motion in a New York district court, arguing that a thief doesn’t gain lawful ownership of property by stealing it. It also argued that North Korea is only suspected of being part of the theft, and that the law firm’s argument “defies logic, common sense and the law.”The Arbitrum DAO has been voting on whether to release the Ether to assist DeFi United, an industrywide coordination effort to make rsETH holders whole and help restore rsETH’s backing following the $292 million Kelp DAO hack on April 18. Voting ends May 7. Source: AaveDelay will cause “irreparable harm” to Aave, crypto ecosystemAave argued that if the court upholds Gerstein Harrow’s notice, it could deter future recovery efforts for North Korea-related hacks because of the possibility of additional legal challenges to recover funds. It further argued that it could incentivize bad actors to target more crypto protocols.Aave’s lawyers also warned that the delay is causing “irreparable harm” to the protocol, its users and the wider DeFi community, “none of which can be later cured by monetary damages.”“If the immobilized assets remain subject to a freeze and are not made available to restore value to Aave protocol users, the entire DeFi ecosystem risks being destabilized,” Aave’s lawyers said.“While Aave protocol users cannot retrieve their assets from the Aave protocol, if those assets were being used for collateral for other positions elsewhere then continued restraint on the immobilized assets may render those users unable to meet their related collateral obligations.”Aave said that if a court upholds Gerstein Harrow’s notice, it could incentivize bad actors to target more crypto protocols. Source: CourtListenerThey further argued against Gernstein Harrow’s claim that its clients have a right to the frozen Ether and also said the case is based on unsupported conjecture that the thief is North Korea. “Plaintiffs in this case showed up, contending – based on conjecture from posts on the internet – that the thief was North Korea, and that by stealing the assets for a few hours, North Korea somehow became the rightful owner of those assets such that Plaintiffs here could restrain them for their own purposes,” lawyers for Aave said.“The immobilized assets do not belong to North Korea or any affiliated entities. Instead, the immobilized assets belong to the users of the Aave protocol who were victimized when a third-party thief effectively stole their assets during a cyber exploit April 18, 2026.” Related: Google Cloud flags North Korea-linked crypto malware campaignIf the court can’t immediately vacate the notice, Aave’s lawyers are requesting that Gerstein Harrow pay a $300 million bond to maintain the restraining notice until a decision is reached.A judge hasn’t ruled on the emergency motion yet, and a hearing date hasn’t been scheduled. Gerstein Harrow has filed similar cases in the past, arguing its clients have a claim to funds stolen by North Korea and frozen by crypto firms, including assets from the 2023 Heco Bridge hack and the 2025 Bybit exploit.Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks  Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

A US law firm has filed a restraining notice to block the transfer of frozen Ether from the Kelp exploit, arguing that its clients are owed over $877 million in compensation and damages by North Korea. Charlie Gerstein, a lawyer for US law firm Gerstein Harrow LLP, said in a post on the Arbitrum DAO forum on Friday that a New York district court signed off on a restraining notice and three writs of execution preventing the DAO from moving the Ether under threat of contempt of court.The law firm argued that its clients, who were not affected by the Kelp exploit, won default judgments against North Korea in three separate US court cases in 2010, 2015 and 2016 and are owed a collective $877 million in compensatory and punitive damages, plus interest. It also argued that its clients have a claim to DPRK property. Gerstein said in the restraining notice that the stolen Ether is “property” in which the DPRK has a stake because the hacker group is affiliated with the country. The freeze could mean those affected by the Kelp exploit would need to wait longer to see their funds recovered. This isn’t the first time the firm has attempted to claim stolen cryptocurrency. Kelp DAO suffered a $292 million hack on April 18, which is believed to have been carried out by TraderTraitor, a subgroup of North Korea’s state-backed hacking unit, Lazarus Group. Days later, Arbitrum Security Council took emergency action to freeze 30,766 Ether (ETH), worth over $73 million, held in a wallet linked to the Kelp exploit.Charlie Gerstein, a lawyer for Gerstein Harrow, posted a restraining notice seeking to prevent the Arbitrum DAO from moving the frozen Ether. Source: Arbitrum DAOFunds were proposed for Kelp victimsAave Labs proposed on April 25 that the Arbitrum DAO unfreeze the $73 million in Ether tied to the Kelp DAO attack and direct those funds to “DeFi United,” a fund aimed at restoring rsETH and compensating its holders.An Arbitrum DAO member under the handle Zeptimus said that if the law firm’s action is successful, the DPRK debt will be transferred to the Kelp DAO victims.“Your clients’ losses are real and the DPRK should answer for them. But the remedy the restraining notice asks for, blocking the return of stolen funds to their actual owners shifts the cost of the DPRK’s debt onto a different set of victims who were themselves robbed. That compounds the original harm; it doesn’t redress it,” they said.Gerstein Harrow filed similar claims beforeGerstein Harrow has filed similar cases in the past, arguing its clients have a claim to funds stolen by the DPRK and frozen by crypto firms. In February, the firm filed a claim against funds frozen by Tether that were stolen in the 2023 Heco Bridge hack.Related: North Korean hackers used AI-enabled social engineering in Zerion attackIt has also filed class-action suits against multiple DAOs. At the same time, onchain sleuth ZachXBT accused the law firm of using his research in court documents to stake a claim on funds from the $1.5 billion Bybit hack.The law firm has three live cases against DAOs on its website. Source: Gerstein HarrowNorth Korea-affiliated actors have been accused of stealing at least $578 million across major incidents throughout April and have been linked to many of the industry’s largest hacks, including the Bybit exploit.Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Stablecoins, the name given to cryptocurrencies pegged to the price of a stable asset such as the US dollar or gold, have outgrown their label as they become part of the global financial system, said Robert Hackett, head of special projects at a16z crypto. Hackett said in a report on Friday that the term “stablecoins” was coined in crypto’s early years, when wild volatility defined the space and the tokens were created to maintain stable value and encourage their use for everyday financial activity.“The name was straightforward, if slightly defensive: not a volatile coin, but a stable one. It described the problem it solved perfectly. But the technology has since outgrown the label,” he said.“Stability is now table stakes. It’s a prerequisite, and not the point. The question is no longer ‘will it hold its value?’ But ‘what else can we build with it?’” Hackett added. “That’s why the name stablecoin is outdated now: It still points to the original problem it was designed to solve, not the platform it has become. The term frames the category as a patch rather than a new primitive.”Stablecoins have emerged as a key use case for crypto. The global market has grown to more than $321 billion, according to DefiLlama. Adoption is also expanding across economies as banks and institutions seek to use the technology for faster payments and other benefits.John Palmer, a developer and brand adviser, made a similar argument on Thursday and said it “feels like a bug” to call them stablecoins because “stablecoins will probably 10x the impact of crypto thus far and deserve to have a self-defined and non-reactionary name.”Source: John PalmerThe stablecoin name will likely linger Hackett said a rebrand to a term that better captures the essence of the technology, such as “digital cash” or “programmable money,” is too clunky to use. Related: Stablecoins overtake Bitcoin in Latin America crypto purchases — Bitso At the same time, he argued that the first term that gains traction with a new technology often sticks, such as email, which no longer operates like traditional mail, or horsepower when describing a car’s engine power.“Stablecoins will probably follow the same quirky etymological path. The skeuomorphic name may linger long after it stops being descriptive. Or it may gradually fade as we simply speak of digital dollars, digital euros and other onchain assets,” Hackett said. “Most likely though, the technology will disappear into the background entirely and become just how money works, the same way we stopped saying electric lighting once that newfangled gadgetry became the default. Now they’re just lights.”Magazine: AI-driven hacks could kill DeFi — unless projects act now Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Digital asset company Bakkt completed its acquisition of stablecoin infrastructure firm Distributed Technologies Research (DTR) through an equity-based transaction as part of its bid to create a digital settlement layer.Bakkt CEO Akshay Naheta said on Thursday that the deal aims to combine Bakkt’s institutional infrastructure with DTR’s native artificial intelligence payments engine and stablecoin technology to create a 24/7 digital settlement layer.“The architecture of money movement rarely evolves at this level,” he said. “This transaction accelerates the re-platforming of global financial infrastructure. By fully integrating DTR’s technology, we are introducing stablecoin functionality as a critical bridge between legacy financial systems and the next generation of digital assets.”The global stablecoin market has grown to roughly $320 billion, with adoption expanding across both developed and emerging economies as banks and institutions seek to leverage the technology for faster payments and other benefits.Source: BakktAcquisition deal completed through share issuanceAs part of the deal, Bakkt issued more than 11.3 million shares to the beneficial holders of DTR, with the possibility of an additional 725,592 shares, according to the announcement.The deal was initially revealed in January and originally involved 9.3 million shares. The company also announced a corporate name change to Bakkt Inc. at the same time.Ahead of the deal’s completion, Bakkt’s share price (BKKT) fell roughly 8% to $7.86 by Wednesday’s close, but recovered to $8.62 by Thursday’s market close.Bakkt’s share price fell Wednesday but has since risen 10%. Source: Google Finance Bakkt threatened with delisting in 2024Founded in 2018, Bakkt is 55% owned by Intercontinental Exchange (ICE), which also owns the New York Stock Exchange (NYSE), and has received backing from major partners such as Starbucks and Mastercard.In March 2024, the NYSE threatened to delist Bakkt’s shares because the price had fallen below $1 and remained there for 30 days.By May the company disclosed to regulators that there was “significant uncertainty associated with our expansion to new markets and the growth of our revenue base, given the uncertain and rapidly evolving environment associated with crypto assets.”  Related: Stablecoins overtake Bitcoin in Latin America crypto purchases — BitsoMonths later, reports said President Donald Trump’s media and tech group, Trump Media, was in advanced talks to acquire the company but the deal ultimately fell through. The company has since launched multiple fundraising rounds through share sales, with the latest, in February, aiming to raise $48 million.Magazine: Forget stablecoin yield, how does the CLARITY Act treat DeFi?    Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.