Subscribe
English
News
BreakingRegulation & PolicyInstitutionalDeFi & InfrastructureAI & TechnologyOpinion
KuCoin’s Sabina Liu on Where Crypto Growth Is Coming From in 2026
Events
KuCoin’s Sabina Liu on Where Crypto Growth Is Coming From in 2026
The AI Agent Economy Has an Identity Bottleneck: Blockchain Rails Could Solve It
Technology
The AI Agent Economy Has an Identity Bottleneck: Blockchain Rails Could Solve It
OKX Says X-Perps Bring Regulated Crypto Derivatives to Europe
Businesses
OKX Says X-Perps Bring Regulated Crypto Derivatives to Europe
Apertum Wants to Turn Web3 Usage Into Something More Practical
Businesses
Apertum Wants to Turn Web3 Usage Into Something More Practical
Markets
PricesExchangesConverter
Trending Coins
CHIP77.69%Pudgy Penguins10.48%Asteroid Shiba23.28%RaveDAO30.37%Aave4.39%Bitcoin4.12%Ethereum3.72%Solana2.62%
Track your portfolio from anywhere with a BeInCrypto Watchlist
Create a Watchlist
Awards
BeInCrypto Institutional 100
BeInCrypto Institutional 100
BeInCrypto 100
BeInCrypto 100
Selection Process
Selection Process
Experts Network
Events
Learn
More
Crypto RewardsTop PicksTradingBusinessesProjectsNewsletter
YouTubeTwitterTelegramLinkedInInstagramGoogle News
NewsSecurity
Share

Umbra Confirms $800,000 in Hack Funds Ran Through the Protocol — Pulls Its Frontend Offline

Prefer us on Google
Written by
author avatarKamina Bashir
Edited by
editor avatarHarsh Notariya
Published:22 April 2026, 14:55 UTC
Updated:22 April 2026, 14:55 UTC
  • Umbra paused its hosted frontend after 349 ETH in stolen hack funds routed through.
  • The team said user funds remain safe and were never at risk.
  • Umbra disputes higher laundering estimates and has been working with security researchers.
Promo
#Security (Crypto Scams and Hacks)
#Scams
#Privacy (Crypto Scams and Hacks)

Stealth address privacy protocol Umbra put its hosted frontend into maintenance mode after confirming that funds stolen in recent hacks had passed through the system. 

The team confirmed that roughly 349 Ethereum (ETH), worth about $800,000, came from recent “high-profile” exploits.

Umbra Responds to Laundering Reports

In a recent post on X (formerly Twitter), Umbra revealed that it made the move at 6:45 AM ET on April 21. 

Sponsored
Sponsored

“As has been reported, Umbra was used to move funds associated with recent, high profile hacks. In total, we are aware of 349 ETH (~$800K) of stolen funds moving through the protocol. Reports of much higher amounts are inaccurate,” the post read.

Follow us on X to get the latest news as it happens

The team confirmed that all funds held in stealth addresses remain entirely secure and were never at risk. The Umbra protocol itself is still functioning as usual. Only their hosted instance of the frontend is offline. 

Umbra added that access to the hosted frontend will be reinstated once the team is confident that bringing it back online won’t interfere with the ongoing recovery efforts.

“Umbra is primarily useful for protecting the identity of the receiver, not the sender. Since hackers want to erase the association of funds with the hack-tainted sending address, it is not particularly helpful to hackers to move the funds through Umbra. All the stolen funds moved through the protocol can be identified, and we have been in touch with security researchers who are involved,” the team added.

The response comes as investigators continue tracing the KelpDAO attacker. The hacker started laundering the funds after Arbitrum’s Security Council froze roughly $71 million worth of linked ETH. According to on-chain analyst EmberCN, a series of small ETH transfers were routed through UmbraCash.

The KelpDAO exploit, attributed to North Korea’s Lazarus Group, most likely its TraderTraitor sub-group, stands as the largest DeFi hack of 2026 to date. The incident has shaken investor confidence across the sector. It has also fueled a notable outflow of funds from Aave in recent days.

Subscribe to our YouTube channel to watch leaders and journalists provide expert insights


To read the latest cryptocurrency market analysis from BeInCrypto, click here.
More on Security (Crypto Scams and Hacks)?
Watch on YouTube
Stani Kulechov: How Aave Processed $500M in Liquidations Without Breaking
Stani Kulechov: How Aave Processed $500M in Liquidations Without Breaking
Can Robinhood Finally Deliver ‘Private Equity for All’?
Can Robinhood Finally Deliver ‘Private Equity for All’?
Adam Back: Satoshi’s Email & The Future of Bitcoin
Adam Back: Satoshi’s Email & The Future of Bitcoin
You might also like
News
Security
Arbitrum Freeze Sparks $175 Million Laundering Frenzy on Ethereum
Newsletter

Daily Crypto Insights

Insights, news and analysis of the crypto market straight to your inbox

Crypto Exchanges
Best Crypto Platforms for DePIN Tokens in 2026

Disclaimer

BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.

Sponsored
Sponsored
Read Next
Arbitrum Freeze Sparks $175 Million Laundering Frenzy on Ethereum
News
Security
Arbitrum Freeze Sparks $175 Million Laundering Frenzy on Ethereum