zkLend Shuts Down After $9.5 Million Exploit, Allocates $200,000 to Recovery Fund

zkLend, a decentralized lending protocol built on Starknet, has officially ceased operations following a significant exploit that resulted in a loss of $9.5 million. The platform's team announced that they will allocate their remaining $200,000 treasury to support affected users through a recovery fund. This decision comes after the delisting of the platform’s native token, ZEND, from major exchanges, which further complicated the platform's ability to continue operations.

The team behind zkLend expressed that the decision to shut down was difficult but necessary. The exploit had severely eroded user confidence and compromised the platform's integrity. The delisting of ZEND from top crypto exchanges, including Bybit and KuCoin, reduced the token’s accessibility and market liquidity, making it challenging for the team to pursue future initiatives. The team stated that these developments significantly limited their capacity to effectively allocate resources toward any new projects.

Instead of continuing development under constrained conditions, the team opted to shut down and redirect remaining funds to those impacted by the breach. The platform has committed to allocating its remaining $200,000 treasury to a user recovery fund, prioritizing community support over protocol relaunch or expansion. Key services, including the DeFi Spring, Recovery, and kSTRK portals, will remain live, encouraging users to visit these platforms to unstake assets or claim any remaining balances.

In an effort to contribute back to the DeFi ecosystem, zkLend announced plans to open-source its audited and refreshed codebase in the coming weeks. This move will enable other developers to study, repurpose, or build on the platform’s infrastructure. The team affirmed its commitment to remaining online and available during the fund recovery process, stating that they will continue to work with zeroShadow, a blockchain investigation firm, to trace and recover stolen funds. Assets recovered through these efforts will be added to the recovery fund for distribution to affected users.

zkLend launched its Recovery Portal for users affected by the $9.6 million exploit. Users in unaffected pools will be fully refunded, while affected users will receive partial compensation and claim positions. The stolen funds were bridged to Ethereum and passed through Railgun, which returned them to the hacker’s original address due to internal safeguards. zkLend offered a 10% white hat bounty for 3,300 ETH, but the hacker did not respond. Unfortunately, the hacker claimed to have lost 2,930 ETH (worth $5.4 million) after mistakenly sending the stolen funds to a phishing site posing as Tornado Cash.

In a March 31 on-chain message, the attacker admitted using a fake front-end, expressing regret for the harm caused. The hacker asked zkLend to redirect recovery efforts toward the phishing site operators, claiming, “I do not have coins.” The shutdown of zkLend adds to a growing list of decentralized finance platforms and exchanges facing serious challenges from protocol exploits. The incident highlights the ongoing risks and vulnerabilities within the DeFi ecosystem, underscoring the need for enhanced security measures and community support.