A hacker who stole 2,930 ETH worth over $9.6 million from zkLend has suffered a devastating loss after falling victim to a phishing scam targeting Tornado Cash. This incident exposes the risks associated with decentralized mixing services for illicit activities. 💔 The theft occurred on February 12th when the attacker exploited a rounding error in zkLend’s smart contracts, allowing them to access funds before detection. The stolen ETH was intended for laundering through Tornado Cash, but instead fell prey to a fake version of the platform, resulting in an immediate loss. 🚨 A public confession from the hacker revealed their blunder, leaving behind just a mere 25 ETH that may be recoverable. While zkLend temporarily shut down operations following the attack, they are working with cybersecurity firms to resolve vulnerabilities and collaborate with law enforcement to recover stolen funds. The hacker’s downfall underscores the continued vulnerability of DeFi applications to sophisticated phishing attacks, prompting greater focus on security measures and user education within the space.