**zkLend Hack: A $10M Crypto Heist and the Industry’s Response**
Cryptocurrency security is once again in the spotlight after zkLend, a decentralized money lending protocol, fell victim to a massive exploit. The hack, which drained nearly $10 million, signals a resurgence of crypto attacks after a relatively quieter January.
The $9.5M Breach: What Happened?
On February 12, blockchain security firm Cyvers reported that zkLend had been exploited on the Starknet network, with attackers making off with a staggering $9.5 million. The stolen funds were then bridged to Ethereum and funneled through Railgun—a privacy-focused transaction protocol often associated with illicit fund laundering.
However, in a surprising twist, Railgun’s policies facilitated the return of the funds to the original address.
“zkLend has suffered a $9.5 million exploit on the Starknet network. Stolen funds were bridged to Ethereum and laundered via Railgun, but due to protocol policies, the funds were returned to the original address by Railgun!” – Cyvers Alerts
Crypto Hacks Continue
Source: Cyvers Alerts
zkLend Fights Back with a Bounty Offer
Reacting swiftly, zkLend reached out to the attacker with an unusual but increasingly common approach—a bounty offer. The protocol offered 10% of the stolen funds as a reward if the attacker returned the remaining 90%:
“We understand that you are responsible for today’s attack on zkLend. You may keep 10% of the funds as a whitehat bounty and send back the remaining 90%, or 3,300 ETH to be exact.”
zkLend also issued a stern warning, making it clear they were actively working with security firms and law enforcement to track down the perpetrator. The attacker was given until February 14, 00:00 UTC to return the funds before the company pursued legal action.
zkLend Issues an Ultimatum
Source: zkLend
Crypto Hacks: Will 2025 Break Records?
While January 2025 saw a 44% drop in crypto hacks compared to the previous year, cybercriminals still managed to steal over $73 million in the month alone.
Given that 2024 saw $2.3 billion stolen across 165 incidents, security experts worry that 2025 might set another record. If this recent zkLend hack is any indication, the threat of cybercrime in the crypto space remains as real as ever.
A Rare Happy Ending: Some Hackers Have a Change of Heart
Although most criminals aim to profit from their exploits, some surprisingly return stolen funds after feeling the pressure of community and law enforcement scrutiny.
Take, for example, an incident in May 2024, when a victim of a wallet poisoning scam lost $71 million in Ether (ETH). The scam tricked an investor into sending Wrapped Bitcoin (WBTC) to a fraudulent, lookalike wallet address. But in a mysterious twist, the hacker eventually returned all $71 million.
It’s these unexpected moments that give the crypto space hope that not every exploit ends in financial ruin.
Can Emerging Tech Prevent Crypto Hacks?
As crypto hacks continue to evolve, security firms like Cyvers are developing preemptive measures to stop attacks before they happen.
One promising innovation is offchain transaction validation, a technique that could reportedly prevent 99% of all crypto hacks. The process works by simulating and validating suspect blockchain transactions in an offchain environment.
Michael Pearl, vice president of GTM strategy at Cyvers, explained this revolutionary approach to Cointelegraph, emphasizing its potential to safeguard billions in digital assets.
The Fight Against Crypto Exploits Continues
With billions lost to cybercriminals each year, the crypto community remains on high alert. While solutions like offchain validation bring hope, it’s evident that security must remain a top priority for protocols, investors, and developers alike.
As we move deeper into 2025, the question remains: Will this year see more high-profile hacks, or will new security measures finally turn the tide?
Related: BNB Chain memecoin platform Four.Meme hit by $183K exploit
Magazine: Trump’s crypto ventures raise conflict of interest, insider trading questions
