Privacy Protocol Umbra Shuts Down Frontend to Thwart Kelp Attackers; Tornado Cash Co-Founder Says Move Insufficient to Avoid Regulatory Accountability

On April 22, the privacy crypto protocol Umbra shut down its frontend website to increase the difficulty for hackers to transfer stolen funds. Umbra stated that approximately $800,000 in stolen funds had flowed through its protocol, and the frontend shutdown was a ‘maintenance mode’ decision that would be reversed once it ensured that recovery efforts were not affected. This move comes after the Kelp protocol was recently attacked, resulting in losses exceeding $280 million, with the attackers suspected to be North Korean hackers attempting to transfer funds from Ethereum to Bitcoin through protocols like Umbra. However, Tornado Cash co-founder Roman Storm warned that merely shutting down the frontend may not be enough to avoid regulatory accountability. He pointed out that in their case, authorities considered ‘changing the frontend equivalent to controlling the entire protocol,’ and ‘if you can change the user interface, including updates via a new version on IPFS, then you have complete control over the protocol.’ Umbra responded by stating that its protocol is primarily used to ‘protect the identity of recipients, not senders,’ and that all stolen funds flowing through its protocol can be traced, and they have contacted security researchers.