Oops, Another Twist in the zkLend Saga
Hacker of zkLend Suffers Loss of $5.4 Million Due to Phishing Scam on Tornado Cash Platform
In a shocking turn of events, the notorious hacker who pilfered $9.6 million from zkLend back in February 2025, found themselves on the receiving end of a phishing scam—losing a whopping $5.4 million in March!
A disheartened message was sent to zkLend via Etherscan on March 31, confessing the blunder. "I tried to obfuscate funds using a phony Tornado Cash site, but alas, all the dough is history. I am absolutely gutted," the hacker lamented.
Detailed on-chain data reveals that the hacker made repeated deposits of 100 ETH each to an address labeled "Tornado.Cash: Router," only to realize too late that they had been duped. Three smaller deposits of 10 ETH followed, before the alarm was raised by another user, warning the hacker not to celebrate prematurely.
The fraudulent Tornado Cash site wasn't the hacker's only mishap. Following the initial heist, they attempted to launder the stolen funds through Railgun, yet protocol policies flipped the script, returning the funds to their original address.
From Plunderer to Pauper: A Tale of Woe
zkLend responded to the initial breach by proposing a deal to the hacker: keep 10% of the stolen goods and return the rest, pledging to forgo legal action. However, the deadline passed without a response, prompting zkLend to up the ante. On February 19, they announced a hefty $500,000 bounty for any information leading to the hacker's capture and the recovery of funds.
As fate would have it, the hacker's misfortunes didn't end there. They were then asked by zkLend to return the remaining funds left in their wallets, but records show that another 25 ETH was sent to a different wallet identified as "Chainflip1."
This saga is a part of a broader trend of security turmoil in the crypto realm. According to CertiK, crypto-related crimes swindled over $33 million in March 2025 alone, with February being even more dire, resulting in nearly $1.53 billion in losses.
The Bybit heist orchestrated by North Korea's Lazarus Group on February 21 became the largest crypto hack ever, netting $1.4 billion and doubling the previous record, a $650 million steal during the Ronin bridge hack in March 2022.
Experts consider this case a stark reminder of the threats that persist even for those cashing in on vulnerabilities. The hacker's unfortunate experience serves as a grim reminder of the hazards lurking within the crypto world, endangering everyone from ordinary users to criminals alike.
Bonus Insights:
- The $5.4 million loss could be attributed to Ethereum price fluctuations, transfer issues, smart contract reversions, or intervention by authorities or hackers. With no specific details on the incident, these are speculative possibilities.
- Despite the phishing scam, the hacker still possesses 3,600 Ethereum worth approximately $9.1 million. Whether they choose to keep it or try to recoup their losses remains to be seen.
- The hacker, who once stole $9.6 million in cryptocurrency from zkLend, subsequently lost $5.4 million in a phishing scam, as detailed in a message sent to zkLend via Etherscan.
- In an unexpected turn of events, the hacker's attempt to obfuscate funds using a phony Tornado Cash site was unsuccessful, leading to the loss of the funds.
- This incident is a part of a broader trend of cybersecurity issues in the finance sector, as reported by CertiK, with crypto-related crimes resulting in over $33 million in losses in March 2025 alone.
- The hacker still holds 3,600 Ethereum, currently valued at approximately $9.1 million, following the phishing scam, raising questions about future financial decisions they may make.
