What Is Happening to KelpDAO Funds After the Hack? Latest Update

2026-04-22
What Is Happening to KelpDAO Funds After the Hack? Latest Update

The KelpDAO funds after hack situation has rapidly evolved into one of the most disruptive events in DeFi history. Following the April 18, 2026 exploit, attackers drained nearly $293 million in rsETH, triggering panic across the ecosystem. 

As funds continue to move across chains, investors are asking the same question: where did the stolen assets go and can they be recovered?

Key Takeaways

  • KelpDAO lost approximately $292–293 million in rsETH due to a cross-chain bridge flaw.

  • Over $175 million in ETH has already been moved and partially laundered across multiple networks.

  • Recovery remains uncertain as attackers continue using privacy tools and cross-chain bridges.

sign up on Bitrue and get prize

Trade with confidence. Bitrue is a secure and trusted crypto trading platform for buying, selling, and trading Bitcoin and altcoins.
Register Now to Claim Your Prize!

Overview of the KelpDAO Hack

The exploit targeting KelpDAO unfolded on April 18, 2026, exposing a critical weakness in its cross-chain validation layer. This misconfiguration allowed attackers to mint fake rsETH, a restaked version of Ethereum, without proper backing.

Armed with these illegitimate tokens, the attacker deposited rsETH into lending platforms such as Aave, borrowing real ETH and effectively turning fake collateral into real liquidity.

The damage was severe:

  • Around 116,500 rsETH was drained (~$292–293 million)

  • Roughly 18% of circulating rsETH supply was compromised

  • Emergency multisig actions froze contracts, preventing an additional ~$100 million loss

The aftermath wasn’t contained to KelpDAO alone. Within hours, panic spread across DeFi, leading to $10–15 billion in withdrawals from various protocols.

Read Also: AAVE Incident Explained: KelpDAO Hack Impact

Where Did KelpDAO Stolen Funds Go?

KelpDAO Funds After Hack: Latest rsETH Exploit Update

The question dominating the market where KelpDAO stolen funds go has a complex answer. The attacker didn’t simply hold the funds; instead, they executed a sophisticated, multi-layered laundering strategy.

Initial Exploit and Collateralization

Immediately after minting fake rsETH:

  • The attacker used it as collateral on lending platforms

  • Borrowed large amounts of ETH

  • Began dispersing assets across multiple chains

This step effectively transformed synthetic assets into real, liquid value.

Arbitrum Freeze and Partial Containment

A major intervention occurred on Arbitrum, where approximately:

  • 30,766 ETH (~$70 million) was frozen

However, containment was imperfect. The attacker managed to:

  • Move portions of funds using obscure addresses (e.g., burn-like addresses)

  • Continue redistribution despite partial freezes

Massive ETH Transfers to New Wallets

On April 20, 2026:

  • Around 75,700 ETH (~$175–176 million) was transferred

  • Funds were moved to fresh wallets on the Ethereum mainnet

This step marked a transition from accumulation to obfuscation.

Cross-Chain Laundering Strategy

To evade tracking, the attacker used a combination of mixers and bridges:

  • Tornado Cash for anonymization

  • THORChain to move funds to Bitcoin

  • Umbra for stealth transfers

  • Chainflip and BitTorrent Chain for routing

Key figures:

  • ~$1.5 million bridged to Bitcoin via THORChain

  • ~$78,000 moved via Umbra

  • Numerous small transfers used to fragment traceability

The pattern is clear: fragmentation + cross-chain routing = maximum obfuscation.

Read Also: Can AAVE Recover After KelpDAO Hack?

KelpDAO rsETH Exploit Update and DeFi Impact

The KelpDAO rsETH exploit update reveals a cascading effect across the broader DeFi ecosystem.

Immediate Market Reaction

  • Aave paused rsETH markets, limiting further damage

  • Massive liquidity withdrawal triggered

  • Total Value Locked (TVL) dropped by $14–15 billion

This wasn’t just a hack, it was a systemic stress test.

Structural Weaknesses Exposed

The exploit highlighted critical vulnerabilities:

  • Over-reliance on cross-chain bridges

  • Risks in liquid restaking models

  • Dependency on external validation layers

In essence, composability DeFi’s greatest strength also became its weakest link.

Ongoing Tracking Efforts

Blockchain investigators continue monitoring movements:

  • ZachXBT

  • PeckShield

Their findings confirm that:

  • Funds are still actively being laundered

  • No significant recovery has been achieved yet

Read Also: Unlocking Opportunities with Kelp DAO Airdrop

KelpDAO Hack Recovery Status

As of April 22, 2026, the KelpDAO hack recovery status remains uncertain.

What Has Been Achieved

  • Partial freezing of funds (~$70 million)

  • Rapid response prevented further $100 million loss

  • Market containment through protocol pauses

What Remains Unresolved

  • Majority of funds are still in circulation

  • Continuous laundering across chains

  • No confirmed large-scale recovery

Current Risk Outlook

DeFi protocols remain cautious:

  • Some rsETH markets are still suspended

  • Risk models are being reassessed

  • Cross-chain security is under intense scrutiny

BitrueAlpha.webp

Conclusion

The KelpDAO funds after hack scenario underscores a harsh reality: even advanced DeFi systems are vulnerable to subtle infrastructure flaws. While emergency actions mitigated further damage, the attacker’s ability to rapidly disperse and launder funds highlights the sophistication of modern exploits.

For investors and builders alike, the takeaway is clear security must evolve alongside innovation. 

Before engaging with restaking or cross-chain protocols, always conduct thorough research and monitor trusted platforms like Bitrue for the latest updates.

FAQ

What happened in the KelpDAO hack?

KelpDAO lost around $292–293 million in rsETH after attackers exploited a cross-chain validation flaw to mint fake tokens and borrow real ETH.

Where did KelpDAO stolen funds go?

The funds were distributed across Ethereum, Arbitrum, and Bitcoin networks using mixers and bridges like Tornado Cash and THORChain.

Is KelpDAO recovering the stolen funds?

Only a portion (~$70 million) has been frozen so far. Most funds remain unrecovered as laundering continues.

How did the rsETH exploit affect DeFi?

The exploit triggered $14–15 billion in DeFi withdrawals and forced protocols like Aave to pause rsETH markets.

What is the current KelpDAO hack recovery status?

As of April 22, 2026, recovery is limited, and the attacker continues to move funds across chains, making full recovery uncertain.

Disclaimer: The views expressed belong exclusively to the author and do not reflect the views of this platform. This platform and its affiliates disclaim any responsibility for the accuracy or suitability of the information provided. It is for informational purposes only and not intended as financial or investment advice.

kelp-dao

Disclaimer: The content of this article does not constitute financial or investment advice.

Register now to claim a 2018 USDT newcomer's gift package

Join Bitrue for exclusive rewards

Register Now
register

Recommended

OPG on Base: Is This New AI Narrative Driving Price Momentum?
OPG on Base: Is This New AI Narrative Driving Price Momentum?

OpenGradient (OPG) launches on Base with verifiable AI compute. Bitrue lists OPG/USDT. Can this new AI narrative drive price momentum?

2026-04-22Read
Is SIF a Hidden Gem or Just Exit Liquidity?
Is SIF a Hidden Gem or Just Exit Liquidity?

The sif crypto token — ticker SIF, full name shibawifhat — did something most pump.fun tokens never do: it actually graduated. The bonding curve hit 100%, the coin moved to open market liquidity, and the price briefly spiked to a $143K all-time high.

2026-04-22Read
Will Sign (SIGN) Be the Next Potential Crypto?
Will Sign (SIGN) Be the Next Potential Crypto?

Sign crypto (SIGN) — the token behind Sign Protocol and the S.I.G.N. (Sovereign Infrastructure for Global Nations) framework — is one of the rare projects sitting at the intersection of real government contracts and speculative retail trading.

2026-04-22Read