Zklend, a decentralized lending protocol constructed on StarkNet, confirmed that the top of the February exploit misplaced a good portion of the stolen funds to phishing scams.

In a publish on April 1st on X, Zklend revealed that the attacker tried to clean 2,930 ETH, price round $5.4 million by the Crypto Mixer Twister Money.

Nevertheless, as an alternative of utilizing reputable platforms, hackers unintentionally interacted with Tornadoeth (.)Money, a malicious phishing web site. Because of this, different events efficiently emitting ETH.

Blockchain analytics agency Lookonchain has confirmed the lack of 2,930 ETH because of the phishing incident, confirming the findings of Zklend.

Curiously, the hacker later despatched an on-chain message to Zklend’s deployment tackle, admitting his flaws. Within the message, the attacker wrote:

“I attempted to maneuver my funds right into a twister, however I used a phishing web site. All my funds had been misplaced. I am disrepaired and sorry for the chaos and losses. There aren’t any extra cash.”

The hackers urged Zklend to pursue operators of phishing websites as an alternative.

“No connection”

This surprising flip promoted hypothesis that the unique hacker and the phishing scammer may very well be linked, however there was no proof to help that concept.

In the meantime, Zklend mentioned the phishing web site seems to have been energetic for over 5 years. The undertaking has additional progressed within the lack of concrete proof linking phishing operators to the unique hackers.

Nonetheless, pockets addresses tied to phishing websites are being added to our ongoing fund tracing efforts.

The crew additionally famous a rise in exercise from the pockets associated to hackers. Safety consultants, centralized exchanges (CEXS), and associated authorities had been monitoring these actions in actual time.

Zklend was misused in February, and blockchain safety firm Cyvers estimated the loss to be round $9.5 million.

This protocol supplied an attacker with a ten% prize cash if the remainder was returned. Nevertheless, the hackers ignored the proposal, stored the funds in place and urged ZKLEND to accomplice with the safety groups at StarkNet, Starkware and Binance.