The infiltrator claims to exploit the residence protocol 9.6 million dollars in February that they were a victim of a manufacturing site on the hurricane that impersonates the hurricane, which led to the loss of a large part of the stolen boxes.
In a letter sent to Zklend via ETHERSCAN on March 31, the infiltrator claimed that he lost 2,930 Ether (ETH) from the stolen money to a site on the location of the Khrailian hunting site, which pretends to be a front front for Tornado Cash.
In a series of transportation operations on March 31, the thief ZKLEND sender 100 ether to an address called Tornado.cash: the router, with the completion of three deposits of 10 ether.
“Hello, I tried to transfer money to a hurricane, but I used a ceramic hunting site, and I have been lost. I am destroyed. I am very sorry for all the chaos and losses that caused it,” said the infiltrator.
Pirates behind Zklend Exploit claimed that he lost most of the money on a website for hunting, which is pretending as a front interface for Tornado Cash. source: ETHERSCAN
They added, “All 2930 Iro owners have taken.
ZKLEND Respond To the letter by asking the infiltrator to “return all the remaining money in your portfolio” to the Zklend portfolio address. However, according to ETHERSCAN, it was 25 of the ether at the time sender To a portfolio listed as chainflip1.
Earlier, another user to caution The user of the error, tells them, “Do not celebrate”, because all the money has been sent to the URL for criticism.
“It is very devastating. Everything went with one wrong website,” the infiltrator answered.
Another user warned of the ZKLEND exploiter of this error, but it is too late. source: ETHERSCAN
How ZKLEND was exploited for $ 9.6 million
Zklend suffered from the exploitation of an empty market on February 11 when an striker used a small deposit and flash loans to amplify the accumulation of lending, According to To the February 14 Protocol after death.
Then the infiltrators repeatedly withdrew the money, and took advantage of the approximate errors that became important due to an enlarged accumulation.
The attacker closed the stolen money to Ethereum and later failed to wash it through Railgun after the protocol policies brought them back to the original address.
After exploitation, ZKLEND suggested that the infiltrator can keep 10 % of the funds as a reward and offered the perpetrator of legal responsibility and checking the application of the law if the remaining ether is returned.
Related to: Defi Sir.trading protocol loses full 355 thousand dollars in “The Worse News” possible
The deadline of February 14th has ended without a general response from either side. In the February 19 update to X, ZKLEND He said Now provides a $ 500,000 bonus for any verified information that can lead to an infiltrator and money recovery.
Total losses in encrypted, exploits and extraordinary fraud, more than $ 33 million, according to Blockchain Certik Security, but it decreased to $ 28 million after AgrectorIVE Excentralized Exchange successfully regained its stolen money.
Total losses in encrypted, exploits and superficial fraud, approximately $ 1.53 billion in February. The $ 1.4 billion attack on BYBIT by the Lazarus Group in North Korea, formed the lion’s share and took the largest coding nickname ever, multiplying the $ 650 million Honin Bridge in March 2022.
magazine: The exploitation of the Lazarus Group group – Hacks Crypto Analysis
The post zkLend hacker claims losing stolen ETH to Tornado Cash phishing site first appeared on Investorempires.com.
