- A Hacker who stole 3,600 ETH from ZKLend claims to have lost 2,930 ETH to a fake Tornado Cash phishing website.
- The original theft occurred on February 11, 2025, but the hacker only revealed the subsequent loss of funds on March 31.
- Skeptics question whether this is an elaborate scheme, with some suggesting the hacker may own the phishing website or that the message was an April Fool’s prank.
In an unusual twist of crypto crime, the hacker who stole millions from decentralized finance project ZKLend claims to have subsequently lost those funds to another scam. On February 11, 2025, ZKLend lost approximately 3,600 ether (ETH) in a hack, with the perpetrator later claiming those funds were stolen through a phishing website impersonating Tornado Cash.
The bizarre saga continued on March 31 when the hacker, identified as "Fake_Phishing927538," communicated with ZKLend’s token deployer account through an on-chain message. "I tried to move funds to tornado [cash] but I used a phishing website and all the funds have been lost," the hacker wrote, adding, "I am devastated. I am terribly sorry for all the havoc and losses caused."
Following the initial theft, ZKLend administrators had pleaded with the hacker to return the funds and offered a $500,000 bounty, but received no response until the March 31 message. According to the hacker’s statement, 2,930 ETH was lost to operators of the fake Tornado Cash website, a popular crypto mixing service used to obscure transaction trails.
Questions About the Hacker’s Claims
The timing and circumstances have raised significant skepticism throughout the crypto community. Some observers questioned why there was a lengthy delay between the February 18 theft and the March 31 message if the hacker genuinely intended to return funds. Others speculated that the proximity to April 1 might indicate the message was a cruel April Fool’s joke at the expense of users who lost their investments.
A more sinister theory proposed by some community members suggests potential cooperation between the original hacker and the phishing site operators, creating an elaborate scheme to launder the stolen funds while constructing a cover story.
ZKLend’s Response to the Situation
ZKLend has stated that "At this stage, security teams do not have conclusive evidence that the phishing website and the exploiter are connected." The protocol continues to monitor the situation, noting "significant movements of funds from the exploiter’s controlled wallet addresses."
Despite the ongoing saga, ZKLend’s homepage still displays logos from prominent backers including Delphi Digital, CMS Holdings, Starkware, and GBV, presenting itself as "supported by trusted institutions" even as investigations into both thefts continue.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- California Bill Shields Residents’ Right to Use Crypto for Payments
- Japanese Hotel Giant Metaplanet Grows Bitcoin Stash to 4,046 BTC
- Binance Drops USDT Spot Trading in Europe to Comply with MiCA Rules
- Kentucky Drops Staking Lawsuit Against Coinbase as Regulatory Tide Shifts
- North Korea’s Lazarus Group Steals Record $1.4 Billion in Bybit Hack
