Key Takeaways:
zkLend has launched its recovery portal, allowing eligible victims to reclaim losses from the February exploit. Payouts are discretionary, and victims may not recover full losses due to external factors beyond their control. Some victims have recovered only a fraction, raising fears of prolonged repayment delays like Mt. Gox. Crypto hacks continue to rise, with Bybit, Infini, and zKLend among the biggest victims this year.zkLend has officially launched the Recovery Portal, enabling users to reclaim funds lost in a recent attack. The zkLend exploit in February 2025 led to approximately $9.6 million (3,600 ETH) in losses. This crypto hack was part of a larger trend, as overall losses in the crypto space surged 20 times in February compared to January 2025.
With the recovery process now underway, victims hope to receive their full assets without delays, a concern fueled by past cases like the prolonged Mt. Gox exploit recovery timeline.
Victims Advised to Verify Communications Before Accessing Claims
On March 5, zkLend urged victims in an X post to stay vigilant and only interact through its official channels, verifying all communications on its verified social media platforms.
The warning comes amid concerns that scammers may create fake profiles, send fraudulent recovery links, or request private messages. These tactics are designed to trick victims into following bogus recovery steps that could lead to further losses.
Strict Terms and Limited Payouts in zkLend Recovery Portal
It is important to note that the zkLend Recovery Portal has strict terms and conditions. Eligible users will have their Starknet wallet addresses whitelisted to claim their share of the recovery pool.
However, funds will only be distributed on a reasonable endeavors basis, with allocations determined at the company’s sole discretion.
Furthermore, victims cannot guarantee that they will recover the full amount lost in the zkLend exploit, as recovery efforts depend on external factors beyond the company’s control.
Uncertainty Over Full Payouts Sparks Concerns Among Victims
These terms and conditions have sparked concerns among victims, with some reporting they have only recovered one-third of their lost funds.
This uncertainty raises questions about the effectiveness of the recovery process and whether users will receive more payouts in the future, with many drawing parallels to the prolonged Mt. Gox case.
Mt. Gox, once the world’s largest Bitcoin exchange, collapsed in February 2014 after losing 850,000 bitcoins to hackers. After years of legal battles, Tokyo courts approved a rehabilitation plan in June 2023, with repayments set to begin in July 2024.
However, as of today, the whole $8.2 billion is yet to be repaid, leaving creditors still waiting for full compensation. The slow recovery process is a cautionary tale for victims of the zKLend exploit, as they remain stuck in uncertainties surrounding their own fund retrieval.
Crypto Hack Retains Dominance in 2025
The zkLend exploit was first reported on February 11, when a hacker exploited a decimal precision vulnerability in the protocol’s Starknet-based smart contract.
The following day, zkLend confirmed a loss of $9.6 million and later announced a $500,000 bounty for any verifiable information leading to the hacker’s arrest and the return of stolen funds.
The zkLend exploit is part of a larger wave of crypto hacks in 2025. Just days after the breach, Bybit, one of the largest cryptocurrency exchanges, suffered a major hack, resulting in the unauthorized withdrawal of $1.46 billion in liquid-staked Ether (ETH) and MegaETH (mETH).
While Bybit assured its users that no customer funds were lost, the exchange has little hope of recovering the stolen assets.
A report from blockchain security platform Immunefi highlights the alarming rise in crypto scams and hacks.
In February 2025 alone, the crypto space suffered losses of approximately $1.529 billion across nine major incidents.
Notably, this figure has already surpassed the total crypto-related losses recorded for the entirety of 2024, which stood at $1.49 billion. It also marks a staggering 20-fold rise from January 2025, when total losses were recorded at $73.9 million.
Among the biggest victims were Bybit ($1.46 billion), stablecoin bank Infini ($49.5 million), the zkLend exploit ($9.6 million), Ionic Money ($8.6 million), and Cardex ($400,000).
Frequently Asked Questions (FAQs)
While zkLend has not explicitly stated a deadline for claims, recovery portals in past crypto hacks have often imposed strict timeframes. Victims should stay updated through zkLend’s official channels to avoid missing out on potential reimbursements.
Aside from offering a $500,000 bounty for information leading to the hacker’s arrest, zkLend has not disclosed specific legal steps. However, similar cases in the past have involved law enforcement agencies and blockchain analytics firms tracking stolen funds.
Unlike insurance, which guarantees payouts based on predefined terms, zkLend’s recovery efforts rely on discretionary fund distribution. This means that victims may not recover their full losses, as payouts depend on available funds and external factors.
The post zkLend Launches Recovery Portal for Victims of the Drained $9.6 Million appeared first on Cryptonews.
