The zkLend exploiter lost all 2,930 ETH in a phishing scam while attempting to launder the stolen funds through what they believed was Tornado Cash.
As reported on March 31, the attacker inadvertently deposited the ill-gotten gains into a fraudulent Tornado Cash site, leading to an immediate loss. Blockchain data indicates that upon realizing this error, the hacker sent a frantic message to the zkLend deployer address, owning up to their mistake.
“I tried to move funds to Tornado, but I used a phishing website, and all the funds have been lost. I am devastated,” the hacker confessed. They further expressed regret for the attack and urged zkLend to direct its recovery efforts toward the phishing scam perpetrators.
Over $9.6 million in Ethereum (ETH) was snatched in the zkLend exploit, which occurred on February 12. The Starknet-based lending protocol attempted to negotiate with the hacker by offering a 10% bounty in exchange for the return of the remaining funds by February 14.
When the hacker failed to meet the deadline, zkLend escalated the situation to law enforcement. The platform announced that it had recruited security professionals from the Starknet Foundation, StarkWare, and Binance Security to track down and recover the assets. However, with the stolen ETH now lost to a phishing scam, the situation has taken an unexpected twist.
The zkLend incident is indicative of a rising trend in high-profile cryptocurrency hacks. A recent report shows that the first quarter of 2025 marked the worst period for crypto security breaches in history, with hackers absconding with $1.64 billion. The zkLend breach ranked as the fifth-largest exploit of that quarter.
Decentralized finance protocols faced losses totaling $106.8 million across 38 incidents, with Ethereum and BNB (BNB) Chain being the most frequently targeted networks. While DeFi platforms experienced numerous attacks, centralized finance structures recorded only two cases, yet those resulted in an astonishing $1.5 billion in losses.