In January 2025, zkLend was hacked for $9.5 million, with the funds laundered through Railgun before being returned.
After experiencing a decline in January, ZkLend had a hacking attack that resulted in the theft of about ten million dollars. In accordance with the findings of the blockchain security company Cyvers, the decentralized money lending protocol zkLend was exploited on the Starknet network on February 12 for a total of $9.5 million.
There was a $9.5 million exploit that occurred on the Starknet network, and it affected zkLend. The stolen monies were transferred to Ethereum and then laundered using Railgun; however, according to the policies of the protocol, Railgun was able to return the funds to the address where they were initially transferred.
Cyvers penned the letter.”We are working with security firms and law enforcement at this stage,” zkLend said in response to the exploit, which offered a bounty of ten percent of the cash and released the attacker from “any and all liabilities” provided the attacker returned the remaining assets.
We will move forward with the subsequent procedures to track you down and prosecute you if we do not hear from you by the time the clock strikes 00:00 UTC on February 14, 2025,” the company added.
In spite of the fact that the number of crypto hacks has decreased by 44% compared to the previous year in January 2025, the first month of the year nevertheless resulted in the theft of more than $73 million.
When considering the fact that hackers took $2.3 billion across 165 instances in 2024, security experts are concerned about another year of hacking that will cost multiple billions of dollars. This is a forty percent increase from 2023, when hackers stole $1.69 billion worth of cryptocurrency.
Some hacks have a happy ending
Although they stole tens of millions of dollars in cryptocurrency and received considerable attention from investigators, some hostile hackers have changed their minds about their actions.
During the month of May in the year 2024, a fortunate but unexplained turn of events occurred in which the victim received back bitcoins worth a total of $71 million that had been stolen from a wallet-poisoning scheme.
Following the high-profile phishing incident that attracted the attention of various blockchain research businesses, the unnamed attacker returned a total of $71 million worth of Ether (ETH) tokens worth $2,630.
After sending $71 million worth of Wrapped Bitcoin to a bait wallet address, an investor unexpectedly fell victim to a wallet poisoning scam. Following the creation of a wallet address with comparable alphanumeric characters, the con artist proceeded to make a modest transaction to the victim’s account.
Short positions in Ethereum have increased by 500% as hedge funds bet on the cryptocurrency’s downfall. Companies that specialize in blockchain security, like Cyvers, are now working on preventative measures to stop cryptocurrency attacks.
Michael Pearl, vice president of GTM strategy at Cyvers, said that an upcoming solution known as off-chain transaction validation has the potential to eliminate 99% of all cryptocurrency hacks and scams. This is accomplished by preemptively simulating and validating blockchain transactions in an off-chain environment.
