A major hacking incident has hit zkLend, a decentralized lending platform that operates on the Starknet blockchain. The attacker managed to steal about $9.5 million worth of cryptocurrency by exploiting a vulnerability in the system.
According to blockchain security company Cyvers, the stolen digital assets were initially moved to the Ethereum network through a bridging mechanism. The hacker then tried to hide the transactions using Railgun, a privacy-focused tool that makes it difficult to trace funds. However, due to Railgun’s internal restrictions, the stolen funds were redirected back to the hacker’s original wallet.
In reaction to the security breach, zkLend temporarily disabled all withdrawals and advised its users to avoid making deposits or repaying loans until the issue was fully investigated. The company is working with law enforcement agencies and cybersecurity experts, including StarkWare, Starknet Foundation, and Binance Security, to track the stolen assets and identify the culprit.
The incident has raised fresh concerns about security vulnerabilities in the decentralized finance (DeFi) sector. Data from DeFiLlama reveals that cybercriminals have already stolen over $110 million from blockchain projects since the beginning of 2024. This attack on zkLend is now considered one of the most significant breaches to affect the Starknet ecosystem.
Efforts to Recover Stolen Funds
To retrieve the lost assets, zkLend has reached out to the hacker via an on-chain messag
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.