The post ZKLend hacker loses all funds to phishing site spoofing Tornado Cash appeared on BitcoinEthereumNews.com.

The hacker that took 2,930 ETH from the ZK Lend protocol claims to have lost all the funds to another bad player. Instead of sending the ETH to Tornado Cash, the hacker claims all funds were sent it to a phishing website. The hacker address that stole 2,930 ETH from ZKLend allegedly was hacked in return. The wallet’s owner commented through Etherscan, claiming the funds were lost to a phishing site instead of Tornado Cash. The stolen ETH is valued at around $5.5M as of April 1st. ZKLend has been negotiating with the hacker to regain most of the funds in exchange for a 10% bounty. The addresses were known and the project was actively communicating with the exploiter until the last moment. In the end, the hacker claimed the funds are no longer in the original address, and have been taken by another bad actor.  The hacker communicated in the same way as the ZKLend team – by issuing an on-chain transaction with zero ETH and a message attached.  The ZKLend hacker responded to the message offering a bounty, by claiming all funds were lost through a phishing site. | Source: Etherscan The ZKLend team has stated there is no conclusive evidence that the hacker lost control of all funds. The team noted that the funds were sent to an address linked to a spoof site that has been active for five years. There is no conclusive evidence linking the protocol exploiter to the owners of the spoof site’s wallets, but on-chain investigators have found indications that the same entity may be responsible for both hacks. The lending protocol has not given up on tracking down the lost ETH, and has included the new exploit address as a target. The ZKLend protocol cooperates with centralized exchanges, though there are…

---

Filed under: News - @ April 1, 2025 10:22 am