The zkLend hacker just got reverse-hacked while laundering $5.4M in ETH through a Tornado Cash phishing scam. Then, he sent an on-chain message to a zkLend developer expressing remorse—giving the community an early-month comedy show.
zkLend Hacker Wiped Out While Laundering 2,930 ETH via Tornado Cash
The February attack on Starknet-based lending protocol zkLend resulted in a loss of approximately 3,666 ETH, valued at around $9.5 million. Recently, the hacker attempted to launder a portion of the stolen funds—2,930 ETH—through Tornado Cash. Yesterday, the zkLend hacker executed multiple transfers, sending 100 Ether per transaction to an address labeled Tornado.Cash: Router, and concluded with three final deposits of 10 Ether each. He has mistakenly clicked on a phishing site impersonating the service, leading to the instant loss of all 2,930 ETH.
In a desperate move, the hacker sent a “heartfelt letter” to zkLend, which was later leaked online, turning the incident into a public spectacle and a source of ridicule across the crypto community.
Inside the zkLend Hack for $9.6 million
On February 12, 2025, zkLend, a decentralized lending protocol on the Starknet blockchain, suffered a major exploit, resulting in the theft of $9.48 million (3,666 ETH). The hacker exploited a decimal precision vulnerability in zkLend’s smart contract, allowing them to drain funds from the protocol’s pools.
The hacker first bridged the stolen assets to Ethereum. He then funneled them through the privacy protocol Railgun. However, Railgun’s policies forced him to return the funds to his original address. The breach sparked serious concerns about DeFi security. It contributed to the $1.64 billion in crypto losses in Q1 2025. zkLend’s hack ranked as the fifth-largest exploit of the quarter.
In response, zkLend paused withdrawals and deposits to mitigate further losses and launched an investigation into the contract logic flaw. The protocol offered the hacker a 10% “white hat” bounty (3,300 ETH) to return the remaining funds. On March 5, zkLend opened a Recovery Portal, enabling users to claim losses—full refunds for unaffected pools and partial refunds with recovery pool claims for affected ones—while working to rebuild trust in the platform.
zkLend is a decentralized money-market protocol on Starknet, combining zk-rollup scalability with Ethereum’s security. It enables users to deposit, borrow, and lend assets efficiently in a trustless environment. Launched to enhance DeFi accessibility, zkLend offers superior transaction speed and cost savings, making it a promising player in the lending space.
Read the full article here
