Umbra's privacy policy disables the front end to prevent Kelp attackers from using it to transfer funds.

CoinFeed reported on April 22 that, according to Cointelegraph, the privacy protocol Umbra has shut down its front-end website to prevent attackers from using the protocol to transfer funds stolen in several recent attacks. Umbra stated that approximately $800,000 in stolen funds were transferred through its protocol, but the protocol itself only protects the identity of the recipient, not the sender; all transferred funds are identifiable. This decision comes days after the Kelp protocol attack (which resulted in losses exceeding $280 million, suspected to be the work of North Korean hackers), reports indicating that attackers were attempting to bridge funds from Ethereum to Bitcoin using protocols like Umbra. Umbra stated that it has placed the custodial version of its front-end in maintenance mode and will restore it once it is confirmed that it will not hinder current recovery efforts. However, Umbra cannot prevent anyone from using its smart contracts or the self-custodial version of its open-source front-end.