ZkLend, a decentralized lending protocol constructed on Starknet, has confirmed that the hacker answerable for its February exploit misplaced a good portion of the stolen funds to a phishing rip-off.
In an April 1 submit on X, ZkLend revealed that the attacker tried to launder 2,930 ETH, value round $5.4 million, by means of crypto mixer Twister Money.
Nonetheless, as an alternative of utilizing the reputable platform, the hacker mistakenly interacted with a malicious phishing web site: tornadoeth[.]money. Because of this, one other social gathering efficiently drained the ETH.
Blockchain analytics agency Lookonchain corroborated ZkLend’s findings, confirming the lack of 2,930 ETH because of the phishing incident.
Curiously, the hacker later despatched an on-chain message to ZkLend’s deployer handle, admitting the blunder. Within the message, the attacker wrote:
“I attempted to maneuver funds to Twister however used a phishing web site. All of the funds have been misplaced. I’m devastated and sorry for the havoc and losses precipitated. I don’t have the cash anymore.”
The hacker urged ZkLend to pursue the phishing web site operators as an alternative.
‘No connection’
This surprising flip has fueled hypothesis that the unique hacker and the phishing scammers is likely to be related, although no proof has surfaced to help that concept.
In the meantime, ZkLend said that the phishing web site seems to have been energetic for over 5 years. The undertaking furthered that no concrete proof hyperlinks the phishing operators to the unique hacker.
Nonetheless, pockets addresses tied to the phishing web site have been added to ongoing fund-tracing efforts.
The workforce additionally famous elevated exercise from wallets related to the hacker. Safety consultants, centralized exchanges (CEXs), and related authorities have been monitoring these actions in real-time.
ZkLend was exploited in February, with blockchain safety agency Cyvers estimating the loss at roughly $9.5 million.
The protocol provided the attacker a ten% bounty in the event that they returned the remaining. Nonetheless, the hacker ignored the proposal and stored the funds, prompting ZkLend to companion with safety groups from Starknet, StarkWare, and Binance in a broader fund restoration effort.
