Buy Crypto
Pay with
USD
USD
Buy & Sell
Hot
Supports Visa, Mastercard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
P2P Loan
Grow your wealth in fiat investment
Markets
Trade
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Earn
Launch
CandyDrop
tag
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investment
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
More
Promotions
AI
Others
TradFi
WCTC S8
Rewards

Aave emergency motion counters: $73 million in frozen ETH: “The thief does not own what he stole”

ChainNewsAbmedia
ethereum newsProject ProgressEnforcement ActionsSecurity Incidents
ETH0.82%
AAVE0.31%
ARB1.67%

DeFi lending protocol Aave submitted an emergency motion to the U.S. District Court for the Southern District of New York on May 4, seeking to lift the May 1 freezing order covering 30,766 ETH (currently about $73 million). Founder Stani Kulechov publicly declared: “The thief does not own what he stole.” The Block reported that Aave argued this batch of ETH was taken by hackers from Aave users, and should not be seized by holders of a North Korean terror-attack judgment—because thieves never have lawful ownership of stolen goods. The case is a follow-up to ABMedia’s May 4 report on the freezing of $71 million in Kelp DAO ETH by the U.S. District Court for the Southern District of New York, and it is the first time a DeFi protocol with direct standing has publicly mounted a defense.

Aave’s three core defenses: ownership, misattribution of North Korea, weak evidence

The core three points in Aave LLC’s emergency motion:

First: The thief has no legal ownership over stolen goods—stealing itself cannot transfer ownership; the ETH in the hacker’s hands still legally belongs to the original Aave users.

Second: The moment the “bystander” (the Arbitrum Security Committee) recovers the stolen assets, property rights revert to the victims, not a state of “intermediary custody” in which other creditors can assert claims.

Third: The plaintiff (the holders of the North Korean terror-attack judgment) links the hacker to the North Korean Lazarus Group with evidence that comes only from “internet-post hearsay opinions,” which cannot constitute admissible evidence in court.

In a public statement, Stani Kulechov explained by analogy: “Imagine a jewelry store is robbed, and the diamonds are later found by a passerby bystander. These diamonds belong to the original jewelry store—completely unrelated to the fact that the robber happens to owe someone else a debt.” He added: “These funds belong to the original stolen victims—just like that.”

Origin of the incident: April 18 KelpDAO cross-chain bridge hacked; Aave users affected

The legal dispute stems from the KelpDAO hack on April 18. The hackers exploited a vulnerability in KelpDAO’s rsETH (liquid staking token) cross-chain bridge and used “unbacked collateral” to borrow about $230 million in ETH from Aave. Aave’s core victims are the users who lent their ETH—after the hackers borrow the ETH, the hackers disappear with the funds.

Afterward, the Arbitrum Security Committee intervened and intercepted 30,766 ETH (currently about $73 million), reserving it for victim compensation. Aave, together with Lido, Mantle, EtherFi, and others, formed the DeFi United alliance, which had originally planned to use a vote via the Arbitrum DAO to allocate this batch of ETH to Aave users.

The unexpected turn came on May 1—holders of a March $300 million judgment from North Korea’s 2015 terror attack, including Han Kim, applied to the U.S. District Court for the Southern District of New York for a writ of attachment, claiming the ETH was stolen by the Lazarus Group and should be paid first under their judgment. After the court issued the attachment order, Aave’s compensation plan was forced to be halted.

What to watch next: hearing date, Lazarus evidence, DeFi governance precedents

After Aave’s motion, the U.S. District Court for the Southern District of New York is expected to schedule a hearing by the end of May. Three key points to watch:

How the court will determine whether the alleged link between Lazarus Group and this KelpDAO hack is established—if it accepts the plaintiff’s “internet attribution” evidence, then any future North Korean hacker-related stolen assets would fall within the scope of enforceable North Korean terror-attack judgments; if the court rejects it, this case would be viewed as a win precedent for DeFi defenses.

Can the legal logic of “the thief does not own stolen goods” extend to crypto assets—traditional law is more mature in handling physical stolen property, but there is still no clear precedent on the ownership of tokenized assets and ETH inside smart contracts.

The role of Arbitrum DAO—whether a DAO’s intervention to freeze is a “governance action” or a “custodial action”—under different determinations, the legal ownership of ETH would change completely.

For the DeFi industry, the outcome of this case will determine the future legal risk boundaries for DAO intervention involving hacker-stolen goods. If a U.S. court rules that “after a DAO freezes, external creditors may assert priority to be paid,” then in future large-scale hacker incidents, agreements might prefer not to intervene with freezing—and not to pull assets into a legally reachable scope. That would be contrary to victims’ interests, and it is a paradox the entire industry needs to confront.

This article, Aave’s emergency motion counters the $73 million ETH freeze: “The thief does not own what he stole,” first appeared on Chain News ABMedia.

Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to Disclaimer.

Related News

05-04 12:37
Strategy Holds 818,334 BTC With $2.598B Unrealized Gains; Bitmine Posts $6.289B Loss on ETH
05-03 18:56
North Korea Creditors Seize Restraining Order on Arbitrum's 30,766 ETH on May 1
05-01 22:32
Arbitrum Governance Votes to Release 30,765 ETH ($71M) Frozen After Kelp DAO Exploit
Related Articles

Families Seek Frozen Arbitrum ETH for North Korea Victims

Crypto Frontier05-04 21:17

North Korea Denies Crypto Theft as $577M Stolen in 2026

Crypto Frontier05-04 14:05

North Korea terror attack verdict holder seizes $71 million of Kelp DAO ETH: Arbitrum’s “centralized intervention” turned into a legal handle

ChainNewsAbmedia05-04 05:07

North Korea Creditors Seek to Seize Arbitrum-Frozen Kelp DAO ETH

Crypto Frontier05-03 22:56

Families Seek Frozen Arbitrum ETH Over North Korea Judgment Claims

Crypto Frontier05-03 16:50
Comment
0/400
QianZelinvip
· 05-05 01:05
Ethereum trash, hurry up and crash.
View OriginalReply0