YEREVAN (CoinChapter.com) — Decentralized lending protocol zkLend lost $9.5 million in a Starknet exploit on Feb. 12, according to blockchain security firm Cyvers. The attacker moved the stolen funds to Ethereum and attempted to launder them through Railgun. However, due to protocol restrictions, Railgun returned the funds to the original address.
Cyvers reported the breach, stating:
“zkLend has suffered a $9.5 million exploit on the Starknet network. Stolen funds were bridged to Ethereum and laundered via Railgun, but due to protocol policies, the funds were returned to the original address by Railgun.”
The exploit follows a period of declining crypto hacks, with January 2025 seeing a 44% drop in stolen funds. However, security firms warn that crypto-related breaches remain a major risk.
zkLend Offers 10% Bounty to the Hacker
After the Starknet hack, zkLend publicly addressed the attacker, offering a 10% bounty in exchange for returning the remaining funds. The protocol stated:
“We understand that you are responsible for today’s attack on zkLend. You may keep 10% of the funds as a whitehat bounty and send back the remaining 3,300 ETH.”
The protocol added that if the hacker does not comply by 00:00 UTC, Feb. 14, 2025, it will move forward with tracking and prosecution efforts. Law enforcement and security firms are already involved in the case.
Crypto Hacks Continue Despite January Decline
While crypto hacks dropped in January 2025, attackers still stole over $73 million. In 2024, hackers took $2.3 billion in 165 incidents, a 40% increase from 2023, when losses totaled $1.69 billion.
The largest attack targeted Singapore-based crypto exchange Phemex, resulting in losses exceeding $69 million, while the Moby Trade options platform suffered the second-largest breach, losing $2.5 million.
The zkLend Starknet exploit adds to concerns that crypto hacks could increase in 2025. Attackers continue using advanced laundering techniques and privacy tools to move stolen funds.
Some Hackers Have Returned Stolen Crypto
In some cases, attackers return funds after facing investigative pressure. In May 2024, a hacker behind a $71 million wallet poisoning scam sent back the stolen crypto.
The scam tricked a victim into sending $71 million in Wrapped Bitcoin (WBTC) to a fake wallet address. The attacker later returned the funds after multiple blockchain investigation firms got involved.
Security Firms Explore Solutions for Crypto Exploits
Blockchain security firms, including Cyvers, continue researching crypto exploit prevention. One proposed solution, offchain transaction validation, aims to reduce hacks by preemptively verifying transactions.
According to Michael Pearl, vice president of GTM strategy at Cyvers, this approach could block 99% of exploits and scams by simulating transactions before execution. As crypto hacks evolve, security firms work to reduce the risk of future Starknet exploits and other breaches.
