zkLend Exploited for $4.9M as Crypto Hacks Return After Slow January

Decentralized lending protocol zkLend listed itself in one of the latest crypto hacks, with hackers siphoning off nearly $5 million from the platform on the Starknet network. The attack, which took place on Feb. 12, marks a resurgence in crypto-related breaches after a brief decline in January, according to blockchain security firm Cyvers.

Stolen Funds Laundered But Partially Recovered

The stolen assets were swiftly moved to Ethereum and laundered through Railgun, a privacy-focused blockchain mixer. However, in a surprising twist, Railgun’s internal protocols forced the return of the funds to the hacker’s original address, leaving the attacker with no choice but to retrieve them from the same wallet used for the exploit.

Following the breach, zkLend reached out to the hacker with a proposal: return 90% of the stolen funds in exchange for immunity. The protocol publicly offered a 10% whitehat bounty, allowing the attacker to keep a portion of the stolen assets in return for cooperation.

“We understand that you are responsible for today’s attack on zkLend. You may keep 10% of the funds as a whitehat bounty, and send back the remaining 90%, or 3,300 ETH to be exact,” the team stated. They also warned that if the attacker did not comply by 00:00 UTC on Feb. 14, they would escalate the situation with law enforcement.

Rising Crypto Hacks

While January 2025 saw a 44% year-over-year decline in crypto hacks, it still recorded over $73 million in stolen funds. Security experts warn that this could be the calm before the storm, considering that hackers stole $2.3 billion across 165 incidents in 2024—a staggering 40% increase from the $1.69 billion stolen in 2023.

Given the rising sophistication of cybercriminals, some fear that 2025 could see another multibillion-dollar year for crypto exploits. However, there have been instances where hackers have had a change of heart after widespread scrutiny.

A Few Unexpected Happy Endings

One such case was a phishing scam in May 2024, where an investor lost $71 million worth of Wrapped Bitcoin due to a wallet poisoning scheme. However, the attacker later returned the stolen funds after multiple blockchain security firms intervened and investigated the case.

In an effort to curb such incidents, blockchain security firms are now pushing for offchain transaction validation, a method that could prevent up to 99% of crypto hacks by simulating and verifying blockchain transactions before they are executed. According to Michael Pearl, vice president of GTM strategy at Cyvers, these proactive measures could significantly enhance security across decentralized finance.