zkLend Hacker ‘Devastated’ After Losing $5.5 Million to Phishing Scam
The zkLend hacker has lost 2,930 ETH ($5.5 million) attempting to launder most of the stolen funds, according to an onchain message on Etherscan.
In a series of transfers on March 31, the hacker sent multiples of 100 ETH to an address labeled Tornado.Cash: Router, ending with three deposits of 10 ETH.
The hacker mistakenly clicked on a phishing link, resulting in the loss of the funds. “I am devastated. I am terribly sorry for all the havoc and losses caused,” the message reads.
zkLend asked the hacker to return the remaining funds to their wallet. In response, the hacker sent the remaining 25.15 ETH.
Starknet-based lending protocol zkLend suffered a $10 million exploit on Feb. 12 when the attacker exploited a decimal precision vulnerability in zkLend’s smart contract, leveraging flash loans and rounding errors to manipulate the protocol’s accumulator mechanism.
By inflating the value of the lending accumulator through repeated deposits and withdrawals, the hacker artificially increased their collateral balance, enabling them to borrow other assets from the protocol.
Related Posts
Advertisement
Get an edge in Crypto with our free daily newsletter
Know what matters in Crypto and Web3 with The Defiant Daily newsletter, Mon to Fri
90k+ Defiers informed every day. Unsubscribe anytime.
