What Happened to zkLend?
zkLend, a decentralized finance (DeFi) platform built on Starknet’s Layer2 Ethereum network, was recently the target of a significant hack. The exploit, which took place on February 12, 2025, led to the theft of 3,300 ETH, amounting to about $5 million at the time. This attack brought the total losses to approximately $9.5 million, according to blockchain security company Cyvers.
zkLend was founded in 2022. It aimed to offer scaling solutions and money market products. The platform helped users access fast and affordable borrowing options. It promised to provide a secure, scalable, and efficient system. This made it one of the most trusted names in decentralized finance.
However, this attack has raised serious questions about the security of even the most trusted platforms in the crypto space. On February 11, zkLend suspended withdrawals from its official network after discovering an exploit. The following day, the platform publicly announced the hack, and more details emerged about the scale of the theft. As of now, the team is in talks with the hacker, offering a 10% reward for the return of the stolen ETH.
How Did the Hacker Break In?
Despite the advanced security protocols implemented by zkLend, the hacker was able to exploit vulnerabilities in the system. The hacker stole 3,300 ETH from zkLend, transferring the funds to several different wallet addresses. Four wallet addresses were involved in the exploit:
- 0x645c77833833A6654F7EdaA977eBEaBc680a9109
- 0xCf677c7520E02acA89BC70431eAC891e94273E8a
- 0x0B7D061D91018AaB823A755020e625FfE8B93074
- 0xcd1c290198E12c4c1809271e683572FBF977Bb63
At the time of the attack, some of the stolen funds (1,801 ETH) were in transit from Layer2 to Layer1 networks. As the situation developed, the funds were confirmed to be in the hacker’s wallet. Although the hacker’s wallet shows a series of transactions, tracking the funds has proven difficult due to the decentralized nature of cryptocurrency.
When zkLend first detected the hack, the team attempted to contact the hacker by offering a 10% reward for the return of the stolen funds. They created a wallet address where the hacker could send the ETH back if they agreed to negotiate. However, no funds have been returned so far.
One of the most remarkable aspects of this attack is the fact that, despite the blockchain’s decentralized nature and the hacker’s attempts to remain anonymous, it is still possible to track the stolen funds. Security experts can follow the digital footprint left by every cryptocurrency transaction recorded on the blockchain.
The hacker had previously used their wallet to receive small amounts of funds from Binance, a well-known cryptocurrency exchange. However, these funds were not significant enough to force the hacker to go through the KYC (Know Your Customer) process, which could have helped identify them. This lack of substantial financial activity means that the hacker’s identity remains elusive for now.
What Actions Is zkLend Taking?
In the wake of the attack, zkLend has been working tirelessly to address the situation. The developers are collaborating with several security firms, including StarkWare Ltd, Starknet Foundation, zeroshadow.io (formerly Chainalysis Incident Response), Binance Security Team, and Hypernative Labs, to trace the stolen funds and identify the cause of the exploit.
These companies are conducting a thorough investigation into how the breach occurred and are working to recover the stolen funds. Despite the gravity of the situation, zkLend has promised users full transparency throughout the process, assuring them that the investigation is a top priority. A detailed report on the findings will be published once the investigation is complete.
In the meantime, zkLend has continued to emphasize its commitment to user trust and security. Although the attack has shaken some users’ confidence, the platform is determined to resolve the issue swiftly and restore the integrity of its services.
The developers aim to better understand the exploit. They want to prevent similar incidents in the future. Multiple security organizations are involved in the effort. zkLend is actively working to recover the stolen funds. The platform is strengthening its security for the long term.
The hacker has not been identified. The stolen funds have not been returned. zkLend is working hard to mitigate the damage. They are also focused on preventing future breaches. Their collaboration with top security firms highlights the serious nature of the situation and their dedication to safeguarding users’ assets.
