ZKLEND, a non -central financing lending protocol on Starknet, has suffered from a major security breach. As a result, it lost about 3,700 ETH, at a value of about $ 4.9 million.
The exploitation forced the platform to stop withdrawals with continued investigations.
In response to exploitation
Zklend confirmed the incident in a series of X Pillars On February 11, it was stated that millions of cryptocurrencies were drained from its smart contracts.
We are aware of the ongoing security incident on ZKLEND. The protocol said: “The team is investigating now and will make an update as possible.” After hours, they advised users to refrain from depositing or paying money while working to determine the root cause. They also stopped all withdrawals to prevent more losses.
After the attack, Zklend sought to obtain services from many organizations, including Starkware, Zeroshadow, Binance Security and Hypernative Fabs, to help track pirates and restore stolen money. I also promised to share a more detailed analysis once the post -death was completed.
The effect of exploitation on many DEFi strategies associated with ZKLEND, including Starfarm’s Strk, USDC and ETH Sensei, puts clouds on ice until the situation is resolved.
According to Blockchain Security, the perpetrator, who was identified by the address 0x64 … 9109, targeted a specific contract, 0x04 … 3B26, before he was walking in the money. Then they transferred the stolen assets to ETHEREUM, and directed them through a railgun encryption mixer, a privacy that is often used to hide transactions paths.
Data on the series subscriber Through the safety platform, it showed many transactions that lead to washing activity, with a value of 706 ETH, which is worth about $ 1.8 million, was already sent via the mixer.
Whitehat Bounty offer
In another effort to assign funds, Zklend issued Message For infiltrators, served 10 % of Whitehat Bounty. This means that the attacker will remain approximately 400 ETH with a value of more than a million dollars if the remaining 3300 ETH is returned by 00:00 UTC on Valentine’s Day. The team also emphasized that the offer is legally obligated and exposed to “any and all responsibility” regarding the theft.
This is not the first time that the wrong protocols of the exploits are trying to negotiate with the bad actors to return money. In March of last year, Woofi lost $ 8.5 million in a flash loan attack, after which a percentage of looting was offered as Whitehat Bounty.
Likewise, nearly half a year ago, North Korean infiltrators stole more than $ 70 million from Coinex Crypto Exchange, prompting the platform to provide what is called a “generous insect bonus”.
Unfortunately, in both cases, no money has been returned despite the call of rewards.
Binance Free $ 600 (Full Details).
Limited offer for Cryptopotato readers in Bybit: Use this link to register and open a 500 -dollar free site on any coin!
