Arbitrum has taken emergency action after a record-setting exploit targeted Kelp DAO, resulting in the freezing of 30,766 ETH valued at approximately $71.1 million. This move comes in response to what is now considered the largest decentralized finance (DeFi) hack reported in 2026, as Arbitrum seeks to protect network stability and user assets while awaiting a formal governance decision on the next steps.
Biggest DeFi exploit of 2026 rocks Kelp DAO
On April 18, Kelp DAO experienced a devastating exploit involving 116,500 rsETH tokens, equivalent to nearly $292 million. The incident quickly gained notoriety as the largest DeFi exploit so far this year. Attackers targeted Kelp DAO’s cross-chain bridge, which is built on LayerZero’s protocol, exposing vulnerabilities in current cross-chain bridge architectures.
Kelp DAO is a decentralized autonomous organization that focuses on providing liquid restaking solutions and cross-chain asset transfer services to DeFi users. The DAO utilizes bridges and protocols to facilitate movement of tokens across blockchains, making it a key player in multi-chain liquidity solutions.
Once the exploit was detected, the Arbitrum Security Council intervened, freezing over 30,000 ETH linked to the hack on the Arbitrum One network. The council’s rapid response was intended to prevent further asset losses and contained the breach, ensuring that user activity across the rest of the network remained unaffected.
The security team coordinated with law enforcement, gathering intelligence on the attacker and reinforcing the protocol’s security posture. All suspicious funds were quickly moved into a secure intermediary wallet, which was also frozen during the process, restricting access for the attacker. No other user balances or on-chain states experienced disruptions as a result of this transfer.
Governance awaits: Fate of frozen ETH under deliberation
By April 20 at 11:26 pm ET, the funds were successfully isolated but remain immobile pending further governance action. According to protocol procedures, any movement or utilization of these assets will be subject to a formal decision by Arbitrum’s governance structure, which could result in refunding users or alternative remediation strategies.
Kelp DAO responded to the incident on Monday, asserting that the exploit appeared to result from external factors rather than direct internal oversight. This stance did little to mitigate concerns around the security of cross-chain bridges and the broader DeFi ecosystem.
The event has intensified scrutiny of DeFi security protocols, highlighting ongoing risks faced by users of decentralized exchanges and platforms. Large-scale exploits continue to challenge system security and trust, emphasizing the need for more robust monitoring and risk mitigation frameworks.
Cross-chain bridges, which play a vital role in facilitating interoperability between blockchains, are facing renewed criticism due to the vulnerabilities exposed by recent hacks. Developers and protocol architects now confront increasing pressure to enhance these bridges and reduce attack surfaces.
Community attention remains fixed on Arbitrum’s handling of the aftermath, as its upcoming governance decision will likely set a precedent for similar incidents. The swift containment of compromised funds has showcased effective internal controls, but the long-term implications hinge on the broader community’s resolution and any actions Kelp DAO may take moving forward.
