DeFi Exploits Link: Stolen Funds Commingle Amid Rising Security Threats

A recent investigation into the exploits of Kelp DAO and Humanity Protocol has revealed that assets from both attacks have been commingled, suggesting a connection between the attackers. ZachXBT, a blockchain analyst, noticed that funds from both incidents were moved through the same wallet or transaction flow.

The attacker who targeted Humanity Protocol transferred 15,403 ETH, worth $23.6 million, to a relatively new Ethereum address. This money was then sent to the Bitcoin network and combined with earnings linked to the KelpDAO exploit. As of now, over $8 million of the stolen funds has been laundered by the Humanity Protocol attacker.

The Lazarus Group is known for using this tactic to combine profits from various operations into one Bitcoin wallet before transferring them via mixers and over-the-counter desks. However, the new combination with the Kelp DAO exploit's laundering trail points to a shared external threat actor or closely related cybercriminal network.