Ave Challenges Law Firm Stopping Kelp Exploit Ether.
Decentralized financial protocol Aave Arbitrum Dao filed an emergency motion in New York on Monday to release a US law firm's restraining order barring it from transferring 30,766 frozen Ether to victims of kelp exploitation.
Gerstein Harrow LLP served the Arbitration DAO with a Notice of Restraint on Friday, saying its clients are owed more than $877 million in default judgments against North Korea. The law firm claims that the North Korean hacking group behind the Kelp exploit is in possession of the tokens, and its clients are filing a legal claim against Ether.
Ave filed the emergency motion in New York District Court, arguing that a thief does not acquire legal title to property by theft. He also argued that North Korea was only accused of part of the theft and that the law firm's argument was “contrary to logic and the law”.
Arbitrum DAO has been voting on whether or not to release Ether to help Defi United, an industry-wide coordination effort to help full rsETH owners and restore support for rETH after the April 18. $292 million Kelp DAO hack. Voting ends Thursday.
Source: Ave
A delay will cause “irreversible damage” to Aave, the crypto ecosystem
Aave argued that if the court accepts Gerstein Harrow's notice, it could hinder future recovery efforts for North Korea-related data breaches. He also argued that it could encourage bad actors to target more crypto protocols.
Aave's lawyers also warned that the delay was causing “irreparable harm” to the protocol, its users and the wider DeFi community.
“If the immovable assets remain subject to a ban, and there is no provision for users of the Aave protocol to restore the value, the entire DeFi ecosystem risks becoming unstable,” Aave's lawyers said.
“While users of the Aave protocol cannot retrieve their assets from the Aave protocol, if the assets are used as collateral, restricting them to immovable assets prevents users from fulfilling their related collateral obligations.”
Aave says that if a court accepts Gerstein Harrow's notice, it could encourage bad actors to target more crypto protocols. Source: CourtListener
Gerstein also disputed Harrow's claim that customers were entitled to the frozen ether, saying the case was based on the unsupported assumption that the thief was North Korea.
“The plaintiffs in this case appeared, they argued – based on speculation from posts on the Internet – that the thief is North Korea, and that by stealing the assets for a few hours, North Korea somehow became the owner of those assets, which the plaintiffs here can use for their own purposes,” Ave's lawyers said.
“The assets do not belong to North Korea or any related parties. Rather, the assets are Aave protocol users affected when a third-party thief effectively stole their assets during the April 18, 2026 cyber exploit.”
RELATED: Google Cloud Suggests North Korea-Linked Crypto Malware Campaign
If the court fails to release the notice immediately, Aave's attorneys are asking Gerstein Harrow to post a $300 million bond to maintain the restraining order pending a decision.
A judge has not yet ruled on the emergency motion and a trial date has not been set.
Gerstein Harrow has handled similar cases in the past, with clients claiming funds stolen by North Korea and embezzled by crypto companies, including the 2023 Heco Bridge hack and the 2025 Bybit exploit.
Magazine: Diffie's Billion Dollar Secret: Insiders Responsible for Hacking
