The Arbitrum Security Council has taken emergency action to freeze 30,766 ETH on the Arbitrum network, invoking its constitutional authority to contain funds linked to a recent exploit.
The freeze targets approximately 30,766 ETH, a sum reportedly valued at around $100 million and connected to the KelpDAO exploit. The Security Council, a multisig body empowered by the Arbitrum DAO Constitution, executed the action to prevent the assets from being moved or laundered further.
According to reporting from The Block, the frozen ETH is linked to the KelpDAO security incident. Some reports have attributed the exploit to the Lazarus Group, though that claim has not been independently verified at this time.
How the Security Council's Emergency Powers Work
The Arbitrum DAO Constitution grants the Security Council authority to take emergency actions without a full governance vote when protocol security is at immediate risk. This power, outlined in the foundation's governance documents, is designed for exactly this type of scenario, where speed is critical to containing stolen funds.
The council's ability to freeze assets at the chain level distinguishes Arbitrum from fully permissionless Layer 1 networks. While this capability raises familiar debates about decentralization tradeoffs, it provided a concrete mechanism to act before the funds could be bridged out or obscured through mixing protocols.
For context on how DeFi exploits ripple across the Ethereum ecosystem, Lido recently disclosed $21.6 million in rsETH exposure from a separate incident, illustrating the interconnected risk that liquid staking protocols face.
Key Unknowns That Remain
Several critical details remain unconfirmed. The research underlying this report was terminated early due to budget constraints, and the verification status is partial. Readers should treat the following as open questions rather than settled facts.
First, the precise exploit mechanism used against KelpDAO has not been fully detailed in available public sources. Second, attribution to any specific threat actor, including the Lazarus Group, remains unverified according to the evidence reviewed. Third, the next procedural steps for the frozen funds, whether they will be returned to affected users, held pending investigation, or subject to a full DAO governance vote, have not been announced.
The emergency freeze does not appear to have triggered significant volatility in Ethereum's broader ecosystem, though the incident adds to a growing list of DeFi security events in 2026 that have tested crypto market resilience.
The Arbitrum governance process tracked on Tally may provide updates as the council determines next steps for the frozen assets.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.