zkLend Hacker Loses Stolen ETH to Phishing Scam
A zkLend hacker lost all 2,930 ETH in a phishing scam. The attacker tried to launder the stolen funds using a fake Tornado Cash website. According to De.Fi Antivirus Web3, the hacker mistakenly deposited the funds into the wrong site, losing everything.
On-chain data shows the hacker realized their mistake and sent a message to zkLend’s deployer. They admitted their blunder and apologized for the attack. The hacker urged zkLend to focus on the phishing scam operators instead.
The zkLend exploit happened on Feb. 12, with over $9.6 million in ETH stolen.The platform offered a 10% reward for returning the funds by Feb.14. When the hacker ignored the deadline, zkLend involved law enforcement and security experts.
This incident is part of a growing trend of crypto exploits. Immunefi’s Q1 2025 report shows the worst quarter for crypto security breaches in history, with $1.64 billion stolen.The zkLend hack was the fifth-largest of the quarter.
Decentralized finance protocols lost $106.8 million across 38 incidents. Ethereum and BNB Chain were the most targeted networks.Centralized finance platforms saw just two incidents but lost $1.5 billion.
