This year's April Fool's joke came early: a hacker was hacked, and stolen ETH was phished. After stealing 2,930 ETH from zkLend, the hacker ended up losing all their funds due to mistakenly entering a phishing website. Now, this hacker has apologized to the zkLend team through an on-chain message, claiming they "collapsed" and pleading for the project team to investigate the phishing website operators to recover their losses. Is this a case of karmic retribution or a smokescreen by the hacker? Let's find out.
From Hacker to "Victim"
In February this year, zkLend—a decentralized lending protocol based on the Starknet network—suffered a devastating attack. The hacker exploited a "rounding error" vulnerability in the smart contract, successfully stealing 3,600 ETH. After the incident, the zkLend team reached out to the hacker, offering to let them keep 10% (330 ETH) as a "white hat bounty" if they returned 90% (3,300 ETH) and promised not to pursue legal action. However, the hacker did not respond, and the funds were quickly transferred to the Ethereum network, attempting to launder the money through the privacy protocol Railgun. Although Railgun forced the return of the funds, preventing the hacker from laundering them, the trail was temporarily lost.
Just when everyone thought this large sum had vanished without a trace, on April 1, Slow Mist founder Yu Xian revealed a dramatic twist: the hacker used Tornado Cash to further obfuscate the flow of funds but mistakenly clicked on a phishing website disguised as Tornado Cash, resulting in the loss of 2,930 ETH.
Even more surprising, the hacker then proactively contacted zkLend through an on-chain message, expressing regret: "Hello, I intended to transfer the funds to Tornado Cash but mistakenly used a phishing website, resulting in the loss of all my funds. I am devastated. I deeply apologize for the chaos and losses caused. All 2,930 ETH have been taken by the operators of that website, and I have no coins left. Please focus your efforts on those website operators to see if any funds can be recovered. This is my last message; perhaps ending this is the best choice. Again, I apologize."
This "confession letter" quickly caused a stir in the crypto community. In the message, the hacker not only admitted their mistake but also expressed regret, even hinting at a possible "retirement." However, this display of "genuine emotion" raises doubts about its authenticity.
How Does the Community View It?
After the incident was exposed, some jokingly referred to it as "the hacker's version of an April Fool's joke," lamenting that "what goes around comes around"; others mocked it as "equivalent to a scammer in northern Myanmar being tricked by a flyer on a street lamp."
In addition to watching the drama unfold, some community members pointed out that the hacker might be staging a farce, disguising themselves as a "victim" to divert attention, and could even be colluding with the phishing website operators to whitewash their identity or cover up the flow of funds. However, according to Yu Xian's tracking, this phishing website has been lurking for five years, and if this hacker is indeed self-directing, it seems a bit too "patient." As it stands, while the hacker's wallet has indeed been emptied, it cannot be ruled out that there are still hidden accounts behind them.
As of the time of publication, zkLend has not officially responded to the hacker's message. Previously, the project team had launched a "recovery portal" on March 5 to provide partial compensation to affected users and promised to strengthen security measures.
Now, the zkLend theft incident seems to have staged a "black eating black" drama in the crypto world. Will the hacker's proactive plea for help prompt zkLend to collaborate with law enforcement to investigate the phishing website? Or is this just a smokescreen for the hacker's "whitewashing"? Is the hacker's "letter of repentance" a genuine reflection of remorse, or a carefully orchestrated "April Fool's humor"? BlockBeats will continue to follow the developments of this incident.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
