(1/2)
1/ 🧵According to our analysis, about $9.5M was exploited from 
@zkLend
 by hacker. These funds were bridged from #Starknet to various other networks. Most of the stolen funds were bridged to the following #Ethereum addresses:
- 0xcd1c290198e12c4c1809271e683572fbf977bb63
- 0x0b7d061d91018aab823a755020e625ffe8b93074
- 0x645c77833833a6654f7edaa977ebeabc680a9109

It is worth noting that 0x645c has many historical transactions, with the first recorded transaction being on June 22, 2024. This address has records of interacting with the #Binance on Ethereum, BSC, and Base networks, and may also be a third-party trading platform nested in Binance. This address also has traces of interacting with #ChangeNOW and #Hitbtc on the Ethereum network.