风騷律師(加密季):一家專注於噁心北韓黑客受害者的律所
- 核心觀點:美國律所 Gerstein-Harrow 基於26年前的北韓相關判決,申請禁制令凍結 Arbitrum DAO 在 Kelp 黑客事件中約7100萬美元的凍結資金,可能干擾 DeFi 漏洞修復進程,凸顯鏈上資產面臨鏈下司法風險的行業新命題。
- 關鍵要素:
- Gerstein-Harrow 律所向紐約南區聯邦法院申請禁制令,要求 Arbitrum DAO 不得轉移 Kelp 黑客事件中被凍結的約7100萬美元 ETH 資產,理由是其資金應執行針對北韓的未償判決賠償。
- 該律所申請基於2000年「脫北者」失蹤案,2015年美國法院判決北韓賠償3.3億美元未履行;律所策略是利用較早判決追索新發現的所謂「北韓資產」,包括加密行業黑客事件中被凍結的資金。
- 該律所曾在 Harmony、Bybit 等黑客事件中類似操作,依賴鏈上偵探 ZachXBT 等調查成果「後發制人」,不主動調查案件。
- 業內分析認為,禁制令可能具有臨時法律效力,若 Arbitrum DAO 不配合,成員可能面臨藐視法庭風險;即使最終勝訴,凍結和訴訟過程可能實質拖延 Kelp、Aave 等 DeFi 協議的修復。
- ZachXBT 等呼籲成立專注於司法訴訟的 DAO 組織應對惡意律所,行業需建立對抗鏈下法律風險的能力,視為與安全、流動性同等重要的新命題。
Original by Odaily Planet Daily (@OdailyChina)
Author: Azuma (@azuma_eth)
The highly anticipated "Kelp hack, Aave bad debt" incident has taken another unexpected turn.
Just when everyone thought fundraising was complete and the vulnerability was about to be fully resolved (see "Final remediation plan unveiled; Aave bad debt saga nears conclusion"), a law firm has set its sights on the funds intended to cover this shortfall, using an injunction that caught the entire cryptocurrency community off guard.
On May 2, PaperImperium, head of MegaETH, disclosed an official document from the U.S. District Court for the Southern District of New York on X. The document states that a law firm called Gerstein-Harrow has filed an injunction request with the court, seeking to prevent Arbitrum DAO from transferring approximately $71 million in ETH assets that were previously frozen in connection with the Kelp hack. The firm's rationale is that "these funds should be used to satisfy outstanding judgments related to North Korea's long history of terrorism, kidnappings, and other cases."
- Odaily note: The source file of the injunction can be viewed here.
Gerstein-Harrow has applied to serve legal notice to Arbitrum DAO via alternative methods, treating it as an accountable organization. Since Arbitrum DAO has a Security Council governed by ARB holders with the authority to act in emergencies, non-compliance by relevant members could result in legal consequences such as contempt of court.
Who is Gerstein-Harrow?
Public records show that Gerstein-Harrow is a U.S. law firm headquartered in Washington, D.C., with offices in New York, Los Angeles, and Phoenix. Its partners are Charlie Gerstein and Jason Harrow.
Following PaperImperium's disclosure, renowned on-chain sleuth ZachXBT quickly weighed in, stating: "Gerstein-Harrow is a predatory law firm, and their tactics are frankly despicable."
ZachXBT noted that whenever a new incident involving North Korean hackers (Lazarus Group) occurs and crypto assets are frozen, this firm appears, claiming to represent a case related to North Korea from 26 years ago and asserting its right to seek compensation from North Korea on behalf of the victims... Yet, this case clearly has no connection to the cryptocurrency industry, vulnerability exploits, or hacker attacks whatsoever.
Beyond the Kelp incident, Gerstein-Harrow has attempted similar maneuvers following hacks involving Harmony, Bybit, and others. More outrageously, Gerstein-Harrow does not actively conduct its own investigations but instead leverages the findings of industry security experts like ZachXBT to file for freezes, playing a "the mantis stalks the cicada, unaware of the oriole behind" strategy.
The Basis for the Injunction: A 26-Year-Old Case
Like the current injunction, Gerstein-Harrow's petitions are based on a case they are handling from 26 years ago.
The incident dates back to 2000, when "North Korean defector" Dong Shik Kim disappeared without a trace. Evidence suggests Kim was likely kidnapped by North Korean agents and secretly taken back to North Korea. In 2009, Kim's family sued the North Korean government in the U.S. on these grounds, with Gerstein-Harrow representing the victim's relatives.
On April 9, 2015, a U.S. court ruled that Dong Shik Kim had been abducted by North Korean agents and likely died after torture in a North Korean prison camp, ordering the North Korean government to pay $330 million in damages to Kim's family.
The notion of a U.S. law firm ordering the North Korean government to pay compensation sounds absurd... Accordingly, media reports at the time stated: "Pyongyang is not expected to pay the award, but the lawyers will seek to seize North Korean assets, such as bank accounts and corporate shares."
Note the phrase "the lawyers will seek to seize North Korean assets" — this is the "basis" Gerstein-Harrow claims. In simple terms, Gerstein-Harrow's strategy is to use a long-standing court judgment to go after North Korean-related assets that appear or are discovered only now.
And in the current sanctions environment, where are "North Korean assets" most likely to appear? Naturally, it's the frequently hacked cryptocurrency industry, which has a habit of "blaming" North Korean hackers — whether these incidents actually involve North Korean hackers remains an open question...
So whenever new North Korean-linked funds are frozen or other on-chain identifiable assets related to North Korea emerge, Gerstein-Harrow appears, claiming, "This money should be used to enforce the judgment from back then."
This is akin to Person A winning a lawsuit over a decade ago, with the court ordering Person B to pay $1 million in damages, but B never paid. Now, when police suddenly seize funds linked to B, A jumps in and says, "That money belongs to me, I have a prior judgment." However, the problem is that these funds might have just been obtained by B from C, who is the directly affected victim...
Can This Maneuver Succeed?
Regarding the injunction filed by Gerstein-Harrow and whether it will impact the process of patching vulnerabilities in DeFi, industry experts have offered their analyses.
PaperImperium commented that he doesn't believe Gerstein-Harrow has a high probability of winning this dispute, but getting them to walk away empty-handed might be difficult. Given the urgency within the DeFi industry to fix vulnerabilities, Gerstein-Harrow might use this opportunity to extort a "piece of the pie."
@lex_node, a cryptocurrency user who is also a lawyer, stated that this injunction, in form, represents a legally effective asset freeze, and its basis is not fabricated but rooted in the existing U.S. judgment enforcement system. Unless certain jurisdictional arguments prevail, Arbitrum DAO currently cannot use the frozen funds before an asset disgorgement hearing — even if they ultimately win the right to retain the funds, they should argue for it through litigation, not decide unilaterally how to handle them. As outrageous as it sounds, that's the situation...
In summary, there appears to be a gray area within the boundaries of the legal system. Gerstein-Harrow's claim seems far-fetched, but it is a "legitimate tool" built upon the existing framework for enforcing judgments. Even if they ultimately cannot take the funds, freezing and delaying can materially interfere with the recovery process for DeFi projects like Kelp and Aave. The issue is that DeFi recovery is highly time-sensitive; completing the fix a day earlier allows the protocol to resume normal operations sooner. Gerstein-Harrow may be banking on this very point to "pick a fight."
As the Gerstein-Harrow injunction incident unfolds, industry figures like ZachXBT have begun calling for the establishment of a DAO focused on litigation to counter malicious shakedowns by such unscrupulous law firms. This may become a lesson the industry must learn — as on-chain funds increasingly come under the purview of real-world courts, code and consensus alone are no longer sufficient to build a complete defense. For all practitioners, developing the ability to counter off-chain legal risks is emerging as a new priority, on par with security and liquidity.
