North Korean Terrorism Victims Intensify Battle to Secure $71 Million from Aave Hack
In a recent turn of events, lawyers representing victims of North Korean terrorism have escalated their legal efforts to seize $71 million worth of frozen Ether (ETH) linked to the April 18 exploit involving the decentralized finance protocol Aave. This dispute centers around a sophisticated attack attributed primarily to the notorious North Korean Lazarus hacker group.
Legal Strategy Shift: Theft or Fraud?
On Tuesday, attorneys filed a detailed 30-page legal brief in the U.S. District Court for the Southern District of New York, shifting their argument from simple theft to fraud. They contended that the rsETH exploit should not be considered a mere theft but rather a fraudulent loan arrangement that led to the wrongful acquisition of assets. According to the filing, this distinction is crucial under long-standing U.S. legal precedent, which holds that fraudsters may obtain a form of legal title over property acquired through deceptive means — albeit one that can be later rescinded.
The lawyers argued, "North Korea borrowed assets from users of the Aave Protocol and failed to repay them. When the protocol attempted to liquidate North Korea’s collateral, it was dismayed to find that the collateral was worthless." They further cited historical examples, noting, "The law is crystal clear that a fraud victim not only transfers possession but also ownership to a fraudster… Charles Ponzi obtained ‘revocable ownership’ of his victims’ money through his now eponymous scheme."
Background: The Aave Exploit
The conflict originates from a cross-chain bridge exploit last month, through which around $230 million was siphoned from Aave — the largest decentralized lending platform by total value locked. The attacker minted unsupported rsETH tokens and used these as collateral to secure loans of genuine Ether, bypassing the protocol’s safeguards.
Subsequent forensic investigations by Chainalysis, TRM Labs, and other blockchain analytics firms have largely attributed this attack to Lazarus, the hacking group linked with North Korea’s state-sponsored cyber operations.
Partial Recovery and Dispute Over Asset Control
Developers tied to the Arbitrum blockchain network, on which Aave operates, successfully intercepted about $71 million before it could be withdrawn — the sum now at the heart of the legal battle.
The plaintiffs’ recent court submission also invokes the Terrorism Risk Insurance Act (TRIA), a post-9/11 federal law that authorizes victims of terrorism to collect on judgments by seizing property linked to terrorist state actors within U.S. jurisdiction. If the court accepts this framework, it could potentially override Aave’s previous defenses based on New York property law.
Complicating the case, the filing raises questions over whether Aave itself has legal standing to contest the freezing of these assets. The protocol’s own terms of service explicitly state it has no custody or control over user funds—a fundamental principle of decentralized finance (DeFi). This issue could limit Aave’s ability to challenge the seizure.
Financial Implications and Industry Context
Interestingly, the brief notes that the affected users might not require the frozen assets. DeFi United, an industry-backed recovery fund in which Aave participates, has reportedly amassed nearly $328 million so far, more than covering the contested $71 million.
The next critical development will take place on Wednesday, May 6, when a hearing is scheduled before a federal court in Manhattan to decide on the legal arguments and the fate of the frozen funds.
Conclusion
This case underscores the complex legal and regulatory challenges emerging at the intersection of decentralized finance, cross-chain vulnerabilities, and international sanctions on hostile states. The outcome could set a precedent for how courts view blockchain-based asset security, fraud, and the powers of decentralized protocols in recovering stolen cryptocurrencies linked to sanctioned entities.
Source: coindesk.com
Reported by Crypto News