Fast-growing decentralized lending protocol, zkLend has suffered a cyber attack on the Starknet network. According to blockchain security outfit, Cyvers, the platform lost about $4.9 million to the hack.
Cyvers through a post via X on Wednesday provided insight into the attack. The firm revealed how the attackers bridged the funds to Ethereum before laundering it with Railgun.
However, Cyvers explained how protocol rules made Railgun return the funds to the original address. An on-chain message to the hacker by zkLend revealed that the attack claimed more than $9 million from the lending protocol.
The recent attack on zkLend further strengthened questions about the security of blockchain solutions. Hackers were on a rampage in 2024, stealing $2.3 billion through 165 attacks.
The staggering figure reflects a 40% increase compared to the $1.69 billion looted from the industry in 2023. Heading into the new year, bad actors have stolen above $73 million across 19 exploits in January.
Significantly, Phemex exchange contributed massively to the figure as a Binbits report revealed that the platform lost about $69 million to a cyber attack during the month.
It is worth mentioning that the native token of zkLend, ZEND reacted to the hack. In the last 24 hours, the coin dipped by 17%, reflecting a lengthy downturn for ZEND.
Before the hack, ZEND had been struggling to gain traction losing more than 48.7% of its value in the last 30 days. The recent attack on zkLend quenched hopes of a potential rebound for the token.
zkLend offers bounty
Meanwhile, zkLend is offering 10% of the stolen funds as a bounty to the hacker through an onchain message. The lending platform urged the attackers to return the stolen funds promising not to take any further legal action.
The firm went on to emphasize that the deal is only valid till February 14, 2025, 00:00 UTC. Furthermore, zkLend revealed how it is working with law enforcement agencies to investigate the issue.
Similarly, the protocol promises to track and prosecute the hackers if they fail to accept the offer. Additionally, in a post, the Starknet-based protocol said it is tracking the funds and exercising all available options to nail the hackers.
zkLend said it is closely working with firms like Binance Security Team, Hypernative Labs, Starknet Foundation, Zero Shadow, and StarkWare.