The hacker standing for the $ 9.6 million utilize of the decentralized cash loan protocol in February claims that they simply fell victim to the phishing page summarizing the Tornado Cash, which caused the loss of a significant part of the stolen funds.
In a message sent to zklend via Etherscan on March 31, the hacker claimed that he lost 2930 ether (ETH) from the stolen fund to the phishing website pretending to be front-end for Tornado Cash.
In a series of transfers on March 31, a thief with Klend sent 100 ether on time to the address called Tornado.cash: Router, ending with three deposits of 10 ether.
“Hello, I tried to move the funds to Tornado, but I used the phishing site and all funds were lost. I am devastated. I am very sorry about all the havoc and caused losses,” said Haker.
The hacker standing behind with Klend Exploit claims that he has lost most of the funds on the Phishing website, which is front-end for Tornado Cash. Source: Etherscan
“All 2930 ETH have been accepted by these website owners. I do not have coins. Please redirect your efforts to these website owners to check if you can recover some of the money,” they added.
With Klend replied To the message, asking the hacker to “return all funds left in the wallets” to the address of the portfolio with KLEnd. However, according to Etherscan, there were another 25 ether sent to the portfolio mentioned as chainflip1.
Earlier another user warned Exploiter about mistakes, telling them: “Don’t celebrate” because all funds were sent to the url of cash Tornado Tornado.
“It is so destructive. Everything went with one wrong website,” answered the hacker.
Another user warned the exploiter with Klend against error, but it was too behind schedule. Source: Etherscan
As it was used for $ 9.6 million
He suffered an empty utilize of the market on February 11, when the attacker used miniature deposits and flash loans to inflate the loan battery, According to to the protocol on February 14.
The hacker then settled and withdrew the funds repeatedly, using rounding errors that became significant because of the inflated battery.
The attacker crossed the stolen funds to Ethereum, and then did not prick them through the railway queue after the rules of the protocol returned them to the original address.
After using ZKLend, he suggested that the hacker could stop 10% of the funds as a reward and offered the release of the culprit from legal liability and control of law enforcement agencies if the remaining ether was returned.
Related: DEFI SIR protocol. Trading loses all 355,000 USD TVL in the “worst news” possible
The date of the offer on February 14 passed the public unanswered any of the parties. In update on February 19 to X, Zklend he said Currently, it has offered an award for $ 500,000 for any verifiable information that could lead to the arrest of a hacker and regaining funds.
According to Certik Certik Certik, Blockchain Security Stratets in Crypto Scams, Exploits and Hacks amounted to over $ 33 million, but fell to $ 28 million after a decentralized 1 -inch exchange aggregator successfully recovered their stolen funds.
Losses for cryptographic fraud, exploits and hacks in February amounted to almost $ 1.53 billion. Attack $ 1.4 billion on February 21 on Bybit by the Lazarus Group in North Korea created a lion and took the title of the largest hack as a cryptographic hack, doubled $ 650 million Hack Ronin Bridge in March 2022.
Warehouse: Lazarus’ favorite exploit was revealed – analysis of cryptographic hacks
