ZkLend, a decentralized lending protocol built on Starknet, recently revealed that the hacker responsible for its February exploit lost a significant portion of the stolen funds to a phishing scam. The attacker attempted to launder 2,930 ETH, valued at around $5.4 million, through crypto mixer Tornado Cash. However, instead of using the legitimate platform, the hacker mistakenly interacted with a malicious phishing site, resulting in the loss of the funds to another party. Blockchain analytics firm Lookonchain confirmed the loss of 2,930 ETH due to the phishing incident, and the hacker later sent an on-chain message admitting to the mistake.
Despite speculation that the original hacker and the phishing scammers might be connected, there is currently no evidence to support this theory. ZkLend stated that the phishing website had been active for over five years and that there is no concrete evidence linking the phishing operators to the original hacker. However, wallet addresses associated with the phishing site have been included in ongoing fund-tracing efforts. The team is also monitoring increased activity from wallets connected to the hacker, with security experts, centralized exchanges (CEXs), and relevant authorities monitoring these movements in real-time.
The exploit of ZkLend in February resulted in an estimated loss of approximately $9.5 million, with the protocol offering the attacker a 10% bounty if they returned the rest of the stolen funds. Despite the proposal, the hacker chose to keep the funds, prompting ZkLend to collaborate with security teams from Starknet, StarkWare, and Binance in a broader fund recovery effort. The latest Alpha Market Report provides additional information on the ongoing efforts to recover the stolen funds and prevent future exploits within the decentralized lending protocol.
