zkLend, a decentralized lending platform on the Starknet blockchain, experienced a significant exploit resulting in the theft of $9.5 million in crypto assets. The stolen funds were initially bridged to Ethereum and funneled through the privacy protocol Railgun. As a response, zkLend paused all withdrawals, advising users against depositing or repaying loans while investigating the incident. Blockchain security firm Cyvers highlighted that the hack underscores security vulnerabilities in DeFi lending. In hopes of recovering the funds, zkLend offered the hacker a 10% bounty for their return, setting a deadline of February 14 for compliance. The breach raised alarms amid growing security concerns, with over $110 million stolen from blockchain projects this year. Various security firms and law enforcement are collaborating to trace the stolen funds, and a comprehensive analysis of the incident is expected to be provided by zkLend upon completion of the investigation.

Source 🔗