In a major move for the DeFi security landscape, the privacy protocol Umbra has taken its hosted front-end website offline to prevent hackers from laundering stolen assets. The decision follows the massive $293 million exploit of Kelp DAO on April 18, 2026—the largest DeFi hack of the year. Investigators found that the attackers (suspected to be North Korea's Lazarus Group) had already funneled approximately $800,000 through Umbra's stealth addresses to bridge funds from Ethereum to Bitcoin. While the underlying smart contracts remain active and immutable, the Umbra team has placed the website in "maintenance mode" to cut off the easiest path for the hackers to move the rest of the loot.