Arbitrum Security Council Member Flags DeFi Risks After $72M North Korea Crypto Recovery

TLDR:

• Arbitrum’s Security Council froze $72M in stolen funds traced to North Korean wallets via a Kelp DAO bridge attack.
• Griff Green warns that leaked private keys and social engineering now pose greater threats than smart contract bugs.
• Aave and similar lending protocols are flagged for being too loose in managing liquid staking token risks.
• The recovered $70M will be redistributed to affected users through a decentralized Arbitrum DAO token holder vote.

Arbitrum Security Council member Griff Green has raised concerns about how lending protocols handle liquid staking tokens.

Green, a veteran of the 2016 Ethereum DAO hack, flagged operational security gaps across decentralized finance. He spoke following the recovery of $72 million in stolen crypto assets linked to North Korean hackers.

The incident involved a Kelp DAO exploit that affected Aave and resulted in roughly $300 million in stolen tokens via a bridge attack.

Arbitrum Council Steps In to Freeze Stolen Funds

The Arbitrum Security Council acted swiftly after tracing $72 million to North Korean-controlled wallets. The council operates as a nine-of-twelve multi-signature group with emergency intervention powers.

Working alongside the Seal 911 team, the council froze the stolen funds in a new address. That address remains inaccessible to the attackers, effectively halting any further movement.

Green noted this was the first time the council used its powers to freeze funds directly. Previously, those powers covered protocol upgrades and bug fixes only.

The action drew on social consensus rather than code immutability. Green referenced the 2016 Ethereum DAO hard fork as a precedent for this kind of intervention.

On the nature of blockchains, Green was direct: “Blockchains are not immutable and can be altered through social consensus.”

He pointed to the Ethereum DAO hard fork as proof that the community can act when needed. This time, however, the stakes involved another party’s funds rather than his own. That distinction made the recovery effort feel less personal but no less urgent.

The recovered $70 million will now fall under Arbitrum DAO governance. Token holders will vote on how to redistribute those funds to affected users.

This approach reflects decentralized governance in practice. It also sets a precedent for how stolen funds may be handled in future incidents.

Green Calls Out Weak Operational Security Across the Industry

Green stated that smart contract bugs are no longer the biggest threat facing crypto. Instead, he pointed to operational security failures such as leaked private keys.

North Korean actors, in particular, rely heavily on social engineering tactics. These methods bypass code-level protections entirely and target human vulnerabilities.

Addressing the broader security gap, Green warned that the industry must match the standards of mature tech companies.

He observed that attackers like North Korea “often rely on social engineering rather than smart contract exploits.” That shift in tactics means technical audits alone are no longer sufficient. Teams must also harden their internal processes and access controls.

Green also addressed how lending protocols like Aave approach liquid staking tokens. He believes these platforms are “too loose with liquid staking tokens” and overlook underlying technical risks.

That oversight creates exposure that bad actors can exploit through bridge attacks. Tighter risk frameworks around these assets would reduce that vulnerability significantly.

Looking ahead, Green supports ongoing efforts like the DAO Security Fund. This initiative aims to identify and support critical security projects across Ethereum.

Stronger infrastructure benefits the broader ecosystem over time. Making crypto safe and accessible for everyday users remains the long-term goal.

The post Arbitrum Security Council Member Flags DeFi Risks After $72M North Korea Crypto Recovery appeared first on Blockonomi.