zkLend Winds Down Business After Months-Old $9M Hack

zkLend, a decentralized crypto lending platform built on Starknet, is officially shutting down after suffering a major hack worth over $9 million.

In February 2025, the platform was attacked through a bug in its smart contract system. This allowed the hacker to manipulate the lending process and withdraw far more Ether (ETH) than they had deposited. In total, approximately 3,300 ETH, valued at around $9 million at the time of the theft, were stolen.

Following the breach, zkLend quickly paused its operations. Next, it began collaborating with security companies, blockchain experts, and law enforcement to trace the attacker and recover funds. Despite these efforts, progress was limited.

zkLend’s Recovery Attempt

Hoping to recover at least part of the stolen money, zkLend offered the attacker a 10% bounty. This meant that if the hacker returned 90% of the stolen funds, they could legally retain the remaining 10%, worth approximately $1 million, as a reward.

The platform set a deadline and offered a $500,000 reward for any information that led to the recovery. Unfortunately, the hacker never responded to these offers. Hence, no ETH was returned.

With mounting pressure, ongoing costs, and no recovery in sight, zkLend decided to shut down permanently. The team stated that winding down operations was the most responsible step to protect the remaining user funds and the community’s interests.

Hacker Loses Millions to Phishing Scam

In a surprising turn of events, it was later discovered that the hacker lost about $5.4 million worth of the stolen ETH while trying to launder it. Reports showed that the attacker mistakenly used a fake version of Tornado Cash, a privacy tool, to move the funds. However, they fell victim to a phishing scam.

The scammer behind the fake site was able to steal 2,930 ETH from the hacker’s wallet.

The incident reflects the complex and evolving nature of the DeFi space. From technical challenges in smart contracts to unexpected turns, such as hackers falling for scams, it serves as a reminder of the importance of continuous learning and caution for both developers and users.

The post zkLend Winds Down Business After Months-Old $9M Hack appeared first on Cointab.