Incident Funds Initiate Complex Cross-Chain Movement

According to real-time data from a leading blockchain security firm, there are new developments in the earlier security incident involving the KelpDAO protocol. The associated funds have been moved off Ethereum, the network they were originally on, beginning a meticulously planned cross-chain asset transfer route.

Detailed Breakdown of the Fund Transfer Path

Monitoring data indicates that the perpetrator first used a specific cross-chain bridging protocol to transfer the held ETH from the Ethereum mainnet to the Layer 2 network Arbitrum. On Arbitrum, this ETH was swiftly exchanged for the widely circulated USDT stablecoin. Rather than leaving the funds there after the swap, the attacker routed the stablecoin to a completely different blockchain network, TRON, via another cross-chain interoperability protocol.

Security and Tracing Challenges Posed by Cross-Chain Transfers

  • Increased Tracing Difficulty: The funds traversed multiple heterogeneous blockchains, involving different address formats, transaction logging systems, and ecosystems, significantly complicating on-chain analysis and forensic tracing.
  • Highlighted Protocol Risks: This incident once again exposes the potential security vulnerabilities and fund risks present in the DeFi sector, particularly at cross-chain interaction points.
  • Regulatory and Compliance Dilemmas: The movement of assets across public chains with varying levels of recognition in different jurisdictions poses greater challenges for global regulatory cooperation and compliant recovery efforts.
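
The address-format point in the first bullet, as an added example (not from the original article or the security firm): a TRON address is a Base58Check string wrapping a 0x41 version byte plus a 20-byte account value, the same kind of value Ethereum and Arbitrum display as 0x-hex, so a tracing tool can normalize both forms to one key before comparing addresses across chains. The function names and the sample address are constructed for illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
TRON_PREFIX = b"\x41"  # version byte of TRON mainnet addresses

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    raw = payload + _checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))  # leading zero bytes map to '1'
    return "1" * pad + out

def b58check_decode(text: str) -> bytes:
    n = 0
    for ch in text:
        if ch not in B58:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + B58.index(ch)
    pad = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("Base58Check checksum mismatch")
    return raw[:-4]

def account_key(address: str) -> str:
    """Normalize an EVM (0x-hex) or TRON (Base58Check) address to 40 hex chars."""
    if address.lower().startswith("0x"):
        body = bytes.fromhex(address[2:])
    else:
        payload = b58check_decode(address)
        if payload[:1] != TRON_PREFIX:
            raise ValueError("not a TRON mainnet address")
        body = payload[1:]
    if len(body) != 20:
        raise ValueError("account value must be 20 bytes")
    return body.hex()

def tron_from_evm(address: str) -> str:
    # Render the same 20-byte account value in TRON's display format.
    return b58check_encode(TRON_PREFIX + bytes.fromhex(account_key(address)))

# Constructed sample value, not an address from the incident.
SAMPLE_EVM = "0x" + "ab" * 20
SAMPLE_TRON = tron_from_evm(SAMPLE_EVM)
```

Equal keys on two chains only show that the same key pair can control both addresses; a bridge sender can name any recipient, so a mismatch does not rule out common ownership.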

This fund transfer path demonstrates that the attacker is attempting to leverage the interoperability of the current blockchain ecosystem to obfuscate the fund flow and increase recovery difficulty. It serves as a stark warning for project teams, security firms, and the entire DeFi ecosystem regarding security protection and incident response mechanisms.