Phishing Fail: How a Hacker Lost His Loot to a Fake Tornado Cash Site
Today, CoinMooner would like to share with you a recent and unfortunate incident that has occurred in the Web3 industry. This case, which feels like a scene from a dark comedy, serves as a clear reminder of the importance of caution when dealing with cryptocurrencies and blockchain technologies.
According to data from De.Fi Antivirus Web3, a hacker who had stolen a large sum of money, tried to launder it using Tornado Cash, a service for anonymous transactions. However, his haste and lack of attention played a cruel joke on him—he mistakenly used a phishing site instead of the real Tornado Cash. As a result, he effectively gave away the stolen money. Realizing his critical mistake, the hacker became so desperate that he took an unusual step: he sent a message to the deployment address of zkLend—the very platform he had attacked. In his message, he admitted his mistake, expressed regret over the February attack, and even urged developers to focus on combating phishing scams so that others would not make the same mistake.
In his message, he explained that he had attempted to send the stolen funds to Tornado Cash but ultimately used a fake website. As a result, all the funds were lost, and he admitted feeling completely devastated. The irony is apparent. A person who stole millions ended up becoming a victim of scammers using similar tactics.
A Stolen Fortune Vanishes: The Tale of a Hacker's Costly Mistake
Initially, when the hacker withdrew $5 million worth of ETH from zkLend, the project team attempted to negotiate with him. They offered him a kind of "deal with his conscience"—if he voluntarily returned the stolen funds by February 14, he could keep 10% of them. However, the hacker ignored the offer, forcing the developers to turn to law enforcement for assistance. To track the stolen funds, they brought in security experts from Starknet Foundation, StarkWare, and Binance Security, who launched a large-scale investigation.
According to an analysis by Immunefi, the first quarter of 2025 has been the worst in terms of losses from hacker attacks. Crypto projects lost a total of $1.64 billion. The most affected were decentralized finance (DeFi) protocols, which suffered $106.8 million in losses across 38 incidents. This alarming statistic underscores once again that cybersecurity remains one of the most significant challenges for the industry.
Coinmooner wants to remind all Web3 users that security should always be a top priority. Use only trusted platforms, double-check website addresses before making transactions, and apply the most advanced security measures. Awareness and caution are your best allies in the world of decentralized finance.
