zkLend Shuts Down Four Months After Hack

Reading Time: 2 minutes

• DeFi platform zkLend has announced it’s shutting down months after being hacked
• The platform attributed the decision to the February hack and its native token being delisted from major exchanges
• zkLend will give existing users time to withdraw their funds

DeFi platform zkLend has announced that it’s shutting down, four months after losing close to $10 million in a hack. zkLend attributed the move to the February hack and its token, ZEND, being delisted from Bybit and other top crypto exchanges due to its failure to satisfy things like trading volume and liquidity. The protocol noted it will allow existing users to close their positions and withdraw their funds, adding that it’ll use its $200,000 treasury balance to “support affected users through the recovery fund.”

Digital Forensics: Hack Impacted User Confidence

In an announcement, zkLend said that the hack affected users’ confidence, leading to reduced revenues as users evaded the platform. Combined with ZEND delisting, it “significantly” limited the platform’s capacity to “effectively allocate [funds] toward any new initiatives.”

Dear zkLend Community,

It is with a heavy heart that we announce our decision to wind down zkLend.

This decision was not made lightly. Over recent months, the exploit we suffered has deeply eroded user confidence, and furthermore, the recent removal of ZEND from major exchanges…

— zkLend (@zkLend) June 25, 2025

To support existing users during the wind-down process, the platform said its kSTRK, Recovery, and DeFiSprings portals will remain accessible for users to either claim or unstake their tokens. 

zkLend will also continue engaging blockchain sleuths like ZeroShadow to track the hacked funds, noting that recovered funds will be returned to affected users. The protocol added that it’ll open-source its codebase to allow interested entities to continue its development. 

Digital Forensics: Hacker Did the Heavy Lifting for Scammers

zkLend’s attacker exploited a weakness in the protocol’s rounding function. The hacker, however, lost the funds to a Tornado Cash scam when trying to move the funds through coin mixing services, further complicating the recovery process.

The DeFi protocol isn’t the first blockchain project to shut down after a hack. Conic Finance and Harpie have also made similar moves this year. Others like Alpaca Finance, however, have also announced similar moves due to low usage, but not a hack.

With zkLend shutting down, it’s unclear how it’ll reimburse hack victims in case it recovers the funds in the future.