Hackers Hits ZKsync Cart Away $5M in ZK Tokens Via Admin
ZKsync, an Ethereum layer 2 protocol, suffered a security breach due to a compromised administrator account, resulting in the theft of approximately $5 million worth of airdropped tokens.
Hackers exploited an administrator account on ZKsync, an Ethereum layer 2 protocol, and made off with $5 million in ZK tokens. ZKsync confirmed the theft of the airdropped tokens, attributing it to the compromised admin account.
The stolen funds were part of the remaining unclaimed tokens from the ZKsync airdrop. The project ensures necessary security measures are in place to address the issue. ZKsync states the incident was isolated and limited to the ZK Token airdrop contract.
Cause of the Security Breach
The breach occurred due to a compromised key which is an administrator, this allowed the hacker to access the airdrop reserve. The attacker exploited the sweepUnclaimed function, minting approximately 111 million unclaimed ZK tokens from the airdrop contracts.
The incident led to a significant sell-off, resulting in a dramatic price drop of the ZK token. Following the announcement, the token’s price fell by 15% to $0.0456 per unit, with trading volume increasing by 143% to $87 million.
Furthermore, the platform has initiated an internal investigation and is working with the Security Alliance and exchanges to recover the stolen funds. The team has requested patience from affected parties as they coordinate recovery efforts.
ZKsync emphasized that the incident was limited to the airdrop distribution contracts and did not affect the ZKsync protocol, ZK token contract, governance contracts, or active Token Program capped miners.
Community Reaction
The incident has sparked outrage among community members who were expecting to receive a portion of the ZKsync airdrop. Some users accused ZKsync of mismanagement and suggested that the team was trying to exit the project.
One user questioned why such incidents only seem to happen with funds allocated for users and the community, rather than with the team’s salaries. Another user expressed skepticism about the project’s intentions, suggesting that ZKsync was trying to play down the incident.
The firm on the other hand, has urged the attacker to contact them at security@zksync.io to discuss the potential return of the stolen funds and avoid legal consequences. The attacker still holds the majority of the funds in the compromised account.
ZKsync is working to resolve the issue and prevent similar incidents in the future. The project has emphasized its commitment to security and user trust.
