DeFi Projects Under Siege: Security Breaches and Hacker Negotiations

The decentralized finance (DeFi) sector is grappling with significant security challenges as multiple projects face multimillion-dollar hacks. Notably, zkLend has confirmed a breach resulting in over $9 million stolen, prompting the team to engage in negotiations with the hacker. Meanwhile, Liquity is investigating a potential issue with its Stability Pools, urging users to remain vigilant against scams.

Key Takeaways

• zkLend hacked for over $9 million, negotiations with the hacker initiated.
• Liquity investigating a potential security issue with its Stability Pools.
• Users advised to be cautious of scams and only interact with verified sources.

Recent Security Incidents in DeFi

The DeFi landscape has been increasingly targeted by cybercriminals, with zkLend being the latest victim. The protocol confirmed the hack on February 13, 2025, revealing that over $9 million was stolen. In response, zkLend's team is actively tracking the stolen funds and has reached out to the hacker with a proposal to return the majority of the funds in exchange for a bounty.

zkLend's Negotiation Strategy

• Amount Stolen: Over $9 million
• Hacker's Offer: Keep 10% as a bounty, return 90% (3,300 ETH)
• Current Status: Hacker has until 00:00 UTC, February 14, 2025, to respond.

The team has assured users that they will not pursue any legal action if the funds are returned. However, as of the latest update, the hacker's Ethereum address shows a balance of only 0.5 ETH, indicating no funds have been returned yet.

Liquity's Ongoing Investigation

In a separate incident, Liquity has alerted its users about a potential security issue with its V2 Stability Pools. While the team has not confirmed any losses, they have advised users to close their positions in the affected pool to mitigate risks. The protocol has also warned users about potential scams, urging them to interact only with known frontends and official communication channels.

User Safety Measures

• Close Positions: Users are advised to close positions in the affected pool.
• Beware of Scammers: Liquity has identified impersonators claiming to be part of their team.
• Official Communication: Users should rely on verified sources for information.

The Broader Impact on DeFi

These incidents highlight the ongoing vulnerabilities within the DeFi sector, raising concerns about the security of decentralized platforms. As the industry continues to grow, the frequency of such attacks may increase, prompting a need for enhanced security measures and user education.

Conclusion

The recent hacks affecting zkLend and Liquity serve as a stark reminder of the risks associated with DeFi projects. As negotiations with hackers unfold and investigations continue, users must remain vigilant and informed to protect their assets in this rapidly evolving landscape.

Sources

• More DeFi projects run into security issues, negotiations with a hacker begin | Cybernews, Cybernews.