According to TechFlow, the liquidity pledge protocol Kelp DAO said that the security of user assets is the top priority. At 22:30 Beijing time on July 22, Kelp's dApp showed malicious wallet activity transactions in an attempt to steal user funds. The Kelp team responded immediately, locked the domain name server, restored ownership access, and resolved the problem. The attacker impersonated the Kelp team and successfully convinced GoDaddy customer support to bypass 2-FA. The Kelp team is taking preventive measures, including transferring to another domain name registrar and strengthening abnormal UI behavior alerts. A small number of users reported losing funds due to UI attacks, and the Kelp team is providing support.