Gate News message, April 22 — Volo Protocol, a yield vault operator on Sui, announced yesterday (April 21) that it has begun freezing stolen assets following a $3.5 million exploit. Hackers looted WBTC, XAUm, and USDG from Volo Vaults, marking the latest major DeFi security breach in a

Lazarus releases Mach-O Man for macOS to steal keychain data and wallet credentials, targeting crypto executives via ClickFix pop-ups and compromised Telegram meetings. Abstract: The article reports that the Lazarus-linked Mach-O Man malware targets macOS to exfiltrate keychain data, browser credentials, and login sessions to access cryptocurrency wallets and exchange accounts. Distribution relies on ClickFix social engineering and compromised Telegram accounts directing victims to fake meeting links. The piece ties the operation to the April 20 Kelp DAO hack and identifies TraderTraitor as Lazarus-affiliated, noting rsETH movement across blockchains via LayerZero’s OFT standard.

Gate News message, April 21 — A weekend hack that drained nearly $300 million from a small crypto project and triggered a $10 billion run on the largest decentralized lending platform may slow Wall Street's growing interest in blockchain technology, according to a report from Jefferies LLC released

Arbitrum froze 30,766 ETH from the KelpDAO hack, worked with law enforcement, and recovered about a quarter of assets, while locking funds pending governance amid decentralization versus security debates. Abstract: This article reports that the Arbitrum Security Council froze 30,766 ETH (about $70 million) tied to the KelpDAO exploit, with nine of twelve votes, and moved funds to a secure wallet in coordination with law enforcement. The operation targeted only affected assets to minimize network disruption. The exploiter is suspected to be DPRK-associated. The breach began April 18 via a LayerZero-powered bridge, draining 116,500 rsETH (~$292 million). About a quarter of stolen assets have been recovered. The frozen funds will remain locked until governance and legal authorities decide the next steps, prompting debate over decentralization versus security.

Analysis of LayerZero OApps post-KelpDAO hack reveals significant security issues, with 47% using the least secure 1-of-1 DVN tier. KelpDAO’s rsETH token also operates at this vulnerable level, exposing risks in single-validator architectures.

Russian cryptocurrency exchange Grinex ceased operations after a cyberattack caused losses over $13 million. The shutdown impacts Russian businesses' ability to convert rubles internationally and challenges the country's shadow finance system.

LayerZero reported that the Kelp DAO exploit, attributed to North Korea's Lazarus Group, led to a loss of $292 million in rsETH tokens due to vulnerabilities in its decentralized verifier network. Additionally, eth.limo faced a domain hijacking from a social engineering attack, but DNSSEC mitigated severe damage.

A recent hack draining nearly $300 million from a crypto project led to a liquidity crisis on Aave, causing users to withdraw around $9 billion. Concerns over collateral quality prompted mass withdrawals, highlighting risks in DeFi lending.

Curve Finance has temporarily suspended its LayerZero infrastructure due to a security incident involving rsETH. The protocol is investigating the issue, affecting certain cross-chain bridging operations while others continue as normal.

Circle Internet Group's stock fell 1% after a class action lawsuit alleged it failed to prevent $230 million in stolen USDC during the Drift Protocol exploit. The lawsuit questions Circle's ability to halt the attackers' transactions, raising issues of responsibility for stablecoin issuers in breach scenarios.