The hacker responsible for the February 2025 zkLend exploit, which resulted in the theft of 2,930 ETH worth $9.5 million, has recently suffered a significant setback. In a surprising turn of events, the hacker fell victim to a phishing scam while attempting to launder the stolen funds through the popular cryptocurrency mixing service, Tornado Cash. The onchain analytics firm Lookonchain reported that the hacker lost $5.4 million worth of Ethereum in the scam.
In a message sent to the zkLend deployer address, the hacker confessed to falling for a phishing website, stating, “Hello I tried to move funds to tornado but I used a phishing website and all the funds have been lost. I am devastated. I am terribly sorry for all the havoc and losses caused. All the 2930 eth have been taken by that site owners. I do not have coins. Please redirect your efforts towards those site owners to see if you can recover some of the money.”
The fake Tornado Cash website the hacker used was identified as tornadoeth[.]cash, which had been operating undetected for over five years. This incident serves as a stark reminder of the risks associated with the crypto space, even for individuals engaging in malicious activities like hacking and theft. Criminals themselves are not immune to falling victim to scams, highlighting the pervasive nature of fraud in the digital asset ecosystem.
Tornado Cash has been a prime target for phishing schemes, with multiple malicious actors creating convincing replica websites to deceive users and steal their assets. This particular scam resulted in the loss of all 2,930 ETH stolen from zkLend by another scammer. The prevalence of such scams underscores the need for heightened vigilance and caution when navigating the cryptocurrency landscape.
The unfortunate turn of events for the hacker comes amidst a concerning trend of rising crypto scams and security breaches. Immunefi’s Q1 2025 report revealed that the first quarter of the year witnessed a record-breaking $1.64 billion stolen in various crypto-related attacks, making it the worst quarter in history for crypto security. The incident involving the zkLend hacker serves as a cautionary tale for both users of the platform and the broader crypto community, highlighting the ever-present dangers that exist in the digital asset space.
As the crypto industry continues to evolve and grow, it is imperative for users to remain vigilant and exercise caution when engaging in transactions or interacting with online platforms. The zkLend hacker’s loss serves as a stark reminder of the risks associated with navigating the digital asset landscape and the importance of implementing robust security measures to protect against potential threats and scams.