Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On July 22, 2024, Kelp's DApp began displaying malicious wallet activity transactions aimed at draining funds. Kelp's engineering team evaluated the situation and identified the root cause to be faulty nameservers routing users to different application code that was attempting to trick the users into phishing. The attackers gained access to Kelp’s domain registrar account impersonating Kelp team and successfully convinced GoDaddy’s customer support that they were the legitimate owners of the account bypassing the 2-FA that was in place. Attack method (per SlowMist): DNS Attack. Reported loss: -.
- chain
- —
- protocol
- Kelp DAO
- bug_class
- phishing
- date_occurred
- 2024-07-22
- loss_usd
- —
- source_id
- sm:kelp-dao::2024-07-22