The hacker responsible for the $9.6 million exploit of zkLend claims to have lost a significant amount of the stolen funds to a phishing scam that mimicked Tornado Cash.
On March 31, they revealed via Etherscan that they mistakenly transferred 2,930 Ether (ETH) to a fraudulent Tornado Cash site, thinking it was legitimate. The stolen funds were transferred in several transactions, initially in smaller increments, before concluding with three larger transfers.
“Hello, I tried to move funds to a Tornado, but I used a phishing website, and all the funds have been lost. I am devastated. I am terribly sorry for all the havoc and losses caused,”
the hacker wrote in the on-chain message, urging zkLend to target phishing operators to help recover lost funds.
In response, zkLend demanded that the hacker return any remaining assets they had. However, blockchain records show that after this request, an additional 25 ETH was sent to a wallet named “Chainflip1.” Before the hacker acknowledged their mistake, another user had warned them not to celebrate, pointing out that all stolen funds had been sent to a scam address. The hacker later regretted it, saying,
“It is so devastating. Everything went with one wrong website.”
zkLend experienced an “empty market exploit” on February 11, where an attacker used a small deposit and flash loans to manipulate the lending accumulator and profit from rounding errors. ZkLend proposed a deal to the attacker to recover the stolen assets, offering to let them keep 10% as a bounty without facing legal consequences if they returned the rest of the Ether. However, there was no public response by the February 14 deadline.
After unsuccessful negotiations, zkLend heightened its response by announcing a $500,000 bounty for information on the hacker’s arrest and the recovery of stolen funds. This incident reflects a growing trend of cyberattacks in the cryptocurrency sector. March alone witnessed over $33 million lost due to hacks, exploits, and scams, as reported by blockchain security firm CertiK.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”