Hacker falls victim to phishing scam after exploiting ZkLend for millions
ZkLend, a decentralized lending protocol built on Starknet, has confirmed that the hacker responsible for its February exploit lost a significant portion of the stolen funds to a phishing scam.
In an April 1 post on X, ZkLend revealed that the attacker tried to launder 2,930 ETH, worth around $5.4 million, through crypto mixer Tornado Cash.
However, instead of using the legitimate platform, the hacker mistakenly interacted with a malicious phishing site: tornadoeth[.]cash. As a result, another party successfully drained the ETH.
Blockchain analytics firm Lookonchain corroborated ZkLend’s findings, confirming the loss of 2,930 ETH due to the phishing incident.
Interestingly, the hacker later sent an on-chain message to ZkLend’s deployer address, admitting the blunder. In the message, the attacker wrote:
“I tried to move funds to Tornado but used a phishing website. All the funds have been lost. I’m devastated and sorry for the havoc and losses caused. I don’t have the coins anymore.”
The hacker urged ZkLend to pursue the phishing site operators instead.
‘No connection’
This unexpected turn has fueled speculation that the original hacker and the phishing scammers might be connected, though no proof has surfaced to support that theory.
Meanwhile, ZkLend stated that the phishing website appears to have been active for over five years. The project furthered that no concrete evidence links the phishing operators to the original hacker.
Nonetheless, wallet addresses tied to the phishing site have been added to ongoing fund-tracing efforts.
The team also noted increased activity from wallets associated with the hacker. Security experts, centralized exchanges (CEXs), and relevant authorities were monitoring these movements in real-time.
ZkLend was exploited in February, with blockchain security firm Cyvers estimating the loss at approximately $9.5 million.
The protocol offered the attacker a 10% bounty if they returned the rest. However, the hacker ignored the proposal and kept the funds, prompting ZkLend to partner with security teams from Starknet, StarkWare, and Binance in a broader fund recovery effort.
The post Hacker falls victim to phishing scam after exploiting ZkLend for millions appeared first on CryptoSlate.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
With $18M Raised, Qubetics Joins Aptos’ Scalability and Toncoin’s Privacy as Top Cryptos to Join for 2025
Explore the latest developments and potential of Qubetics, Aptos, and Toncoin for 2025. Learn why these top cryptos are poised to dominate the market.Qubetics: Redefining Web3 with True Blockchain IntegrationAptos (APT) Sees 3.51% Increase, Market Cap Reaches $2.97 BillionToncoin (TON) Price Rises 1.96%, Market Cap Reaches $7.44 BillionConclusion: Why Qubetics, Aptos, and Toncoin Are the Top Cryptos to Join for 2025
Ethereum’s ETH Primed for Massive Breakout 📈
With >81% potential to $4,811 and an upside to $8,557, Ethereum shows strong consolidation signals—could ETH soar next?First Target: $4,811.71Extended Rally to $8,557.68Summary
France Eyes Bitcoin Mining to Harness Nuclear Energy Surplus
France exploring Bitcoin mining to convert €80M in wasted nuclear energy into grid assets and innovation. Learn more here.Stabilizing the Grid with Smart Crypto DemandDriving Innovation and Economic Growth
Dow, S&P 500, Nasdaq rise on relief over Israel, Iran
Trending news
MoreCrypto prices
More
