On July 22 at 22:30, unusual malicious wallet transactions began appearing on Kelp's dApp, aimed at stealing user funds. In response to this urgent situation, the Kelp team swiftly took action, securing the domain server and regaining access rights to its ownership, ultimately resolving the issue successfully. However, the attacker exploited spoofing tactics to convince GoDaddy customer support staff to bypass two-factor authentication, revealing a security vulnerability in the system that requires further strengthening. Despite some users reporting losses due to UI attacks, the Kelp team committed to providing necessary support and has already initiated preventive measures, including switching domain registrars and enhancing alerts for anomalous user interface behavior, to prevent similar incidents from occurring again.