The decentralized lending protocol zkLend suffered a major security breach on February 12, resulting in the loss of $9.5 million. The exploit occurred on the Starknet network, a Layer 2 scaling solution for Ethereum. Following the attack, zkLend offered the hacker a 10% bounty if they return the remaining funds by February 14.
The protocol also promised to release the attacker from any liabilities if they comply. In a direct message to the hacker, zkLend stated, “You may keep 10% of the funds as a whitehat bounty and send back the remaining 90%, or 3,300 ETH to be exact.” The protocol emphasized the involvement of security firms and law enforcement, warning of further actions if the deadline is not met. This incident is part of a concerning trend in the crypto space.
Despite a decrease in January, with $73 million stolen, experts predict another year of significant losses, following 2024’s staggering $1.69 billion stolen across 165 incidents, a 40% increase from 2023. However, this is not an isolated case.
zkLend coordinates pursuit and bounty
Historical instances show that hackers sometimes return stolen assets. In May 2024, $71 million worth of cryptocurrencies was unexpectedly returned after a high-profile phishing incident. The focus remains on improving security measures.
Michael Pearl, vice president of GTM strategy at Cyvers, highlighted the potential of offchain transaction validation to combat such exploits by preemptively simulating and validating blockchain transactions. zkLend and its partners continue their efforts to resolve the current situation and enhance their security infrastructure to prevent future breaches. The protocol has set a deadline of February 13, 7:00 PM EST for the return of the funds, after which they intend to pursue legal action if the hacker does not respond.
As of now, the hacker has not responded, which is typical in such scenarios, and no specific threat actors have been identified behind this attack. The crypto community awaits further developments in this case and hopes for a resolution that minimizes the impact on zkLend and its users.
Image Credits: Photo by RoonZ nl on Unsplash
