Hacker falls victim to phishing scam after exploiting ZkLend for millions

Published on:

ZkLend, a decentralized lending protocol built on Starknet, has confirmed that the hacker responsible for its February exploit lost a significant portion of the stolen funds to a phishing scam.

In an April 1 post on X, ZkLend revealed that the attacker tried to launder 2,930 ETH, worth around $5.4 million, through crypto mixer Tornado Cash.

However, instead of using the legitimate platform, the hacker mistakenly interacted with a malicious phishing site: tornadoeth[.]cash. As a result, another party successfully drained the ETH.

Blockchain analytics firm Lookonchain corroborated ZkLend’s findings, confirming the loss of 2,930 ETH due to the phishing incident.

Interestingly, the hacker later sent an on-chain message to ZkLend’s deployer address, admitting the blunder. In the message, the attacker wrote:

“I tried to move funds to Tornado but used a phishing website. All the funds have been lost. I’m devastated and sorry for the havoc and losses caused. I don’t have the coins anymore.”

The hacker urged ZkLend to pursue the phishing site operators instead.

‘No connection’

This unexpected turn has fueled speculation that the original hacker and the phishing scammers might be connected, though no proof has surfaced to support that theory.

Meanwhile, ZkLend stated that the phishing website appears to have been active for over five years. The project furthered that no concrete evidence links the phishing operators to the original hacker.

Nonetheless, wallet addresses tied to the phishing site have been added to ongoing fund-tracing efforts.

The team also noted increased activity from wallets associated with the hacker. Security experts, centralized exchanges (CEXs), and relevant authorities were monitoring these movements in real-time.

ZkLend was exploited in February, with blockchain security firm Cyvers estimating the loss at approximately $9.5 million.

The protocol offered the attacker a 10% bounty if they returned the rest. However, the hacker ignored the proposal and kept the funds, prompting ZkLend to partner with security teams from Starknet, StarkWare, and Binance in a broader fund recovery effort.

The post Hacker falls victim to phishing scam after exploiting ZkLend for millions appeared first on CryptoSlate.

Related

Leave a Reply

Please enter your comment!
Please enter your name here

Hakan Aslan
Hakan Aslanhttps://www.nebikurtulus.com/

© All rights are reserved by 2021-coinvizyon.com by Nebi Kurtulus

Altcoins
Bitcoin
Blockchain Technology
DeFi
Ethereum
Featured
bitcoin
Bitcoin (BTC) $ 87,047.32
ethereum
Ethereum (ETH) $ 1,905.05
tether
Tether (USDT) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.176105
tron
TRON (TRX) $ 0.238358
cardano
Cardano (ADA) $ 0.696336
avalanche-2
Avalanche (AVAX) $ 19.80
chainlink
Chainlink (LINK) $ 14.06
polkadot
Polkadot (DOT) $ 4.22
litecoin
Litecoin (LTC) $ 86.12
monero
Monero (XMR) $ 220.51
stellar
Stellar (XLM) $ 0.273509
aave
Aave (AAVE) $ 163.42
filecoin
Filecoin (FIL) $ 2.88
eos
EOS (EOS) $ 0.838982
iota
IOTA (IOTA) $ 0.177851
dash
Dash (DASH) $ 22.56
sushi
Sushi (SUSHI) $ 0.602338
binance-usd
BUSD (BUSD) $ 0.999024