The recent zkLend exploit has taken a surprising turn as the hacker responsible for the theft of 2,930 ETH ended up losing all the stolen funds in a phishing scam. The hacker attempted to launder the money using what they thought was Tornado Cash, but mistakenly deposited the funds into a fake website, resulting in an immediate loss.
Upon realizing their mistake, the hacker sent a message to zkLend’s deployer address, admitting their blunder and expressing devastation over the loss. They apologized for the attack and urged zkLend to focus its recovery efforts on the phishing scam operators.
The exploit, which occurred on Feb. 12, saw more than $9.6 million in Ethereum stolen from zkLend. In an attempt to negotiate the return of the remaining funds, the lending protocol offered the hacker a 10% reward if they were returned by Feb. 14. However, the hacker ignored the deadline, prompting zkLend to escalate the matter to law enforcement.
To assist in locating and recovering the stolen funds, zkLend enlisted the help of security experts from the Starknet Foundation, StarkWare, and Binance Security. Unfortunately, with the funds now lost in a phishing scam, the situation has taken a new twist.
The zkLend hack is part of a concerning trend of cryptocurrency exploits, with Immunefi’s Q1 2025 report revealing that hackers stole $1.64 billion in the first three months of the year. The zkLend exploit was the fifth-largest of the quarter, contributing to the $106.8 million in losses across 38 incidents in decentralized finance protocols.
Ethereum and BNB Chain were the most targeted networks, with DeFi protocols bearing the brunt of the attacks. In contrast, centralized finance platforms experienced just two incidents but suffered staggering losses of $1.5 billion.
The zkLend exploit serves as a stark reminder of the risks associated with cryptocurrency and the importance of robust security measures in the decentralized finance space. As hackers continue to target digital assets, it is crucial for platforms and users alike to remain vigilant and take proactive steps to protect their funds.