The **Kelp DAO exploit** is currently the largest DeFi hack of 2026, totaling nearly **$293 million**. Here is a professional post draft for Binance Square that breaks down the situation and the recent "freeze" actions.
## 🚨 Market Alert: The Kelp DAO Exploit & The "Freeze" Response
The DeFi community is reeling from a sophisticated **$293 million** exploit targeting **Kelp DAO (@KelpDAO)**. This incident, attributed to the Lazarus Group, has triggered a massive contagion event across the ecosystem.
### 🔍 What Happened?
The attack targeted a vulnerability in the verification process between Kelp DAO and the **LayerZero** protocol. By exploiting a "1-of-1 verifier" setup and using a DDoS attack to isolate RPC nodes, the hackers successfully minted **116,500 rsETH** without backing.
### ❄️ The Strategic Freeze
To prevent further damage and bad debt, major protocols have taken emergency measures:
* **Arbitrum Security Council:** In a historic move, they successfully **froze 30,766 ETH (~$71M)** held in an address linked to the exploit. These funds are now moved to a locked wallet pending a governance vote.
* **Lending Protocols:** Platforms like **Aave, SparkLend, and Fluid** have frozen their rsETH markets. This was crucial as the attacker had already deposited stolen tokens as collateral to borrow nearly $190M in real assets.
* **Contract Pause:** Kelp DAO successfully paused their contracts in time to block a second attempt to drain an additional **40,000 rsETH**.
### 📉 Ecosystem Impact
* **Aave** saw a nearly **$8 Billion drop in TVL** as users reassessed risk.
* **$PIXEL** and other Web3 assets are being closely watched for side-effect volatility.
* This event highlights the critical need for **decentralized verification** over 1-of-1 configurations.
Stay vigilant and monitor your positions in restaking protocols. 🛡️
#KelpDAOExploitFreeze #DeFiSecurity #LazarusGroup #rsETH $ETH
