ZKsync, a prominent layer 2 solution on Ethereum, successfully recovered $5.7 million in stolen cryptocurrency following a security breach on April 15. The incident involved the unauthorized minting of 111 million ZK tokens, valued at approximately $5 million, by an attacker who exploited a compromised admin key. The hacker agreed to return 90% of the stolen funds within a 72-hour deadline in exchange for a 10% bounty, as negotiated by ZKsync's Security Council.
The breach occurred during ZKsync's airdrop process, which was distributing 17.5% of the ZK token supply to ecosystem participants. The vulnerability was isolated to the airdrop distribution contracts and did not impact the broader protocol infrastructure or user funds. The attacker swapped approximately $3.5 million of the stolen ZK tokens for Ethereum, causing a temporary inflation in the ZK token supply. However, the market reaction was minimal, with the token price showing little movement following the recovery announcement.
ZKsync's Security Council issued an on-chain message to the attacker, offering a 10% bounty in exchange for the return of 90% of the stolen funds. The hacker complied with the terms, making three separate transfers on April 23, all within the specified 72-hour window. The recovered assets, totaling nearly $5.7 million, included $2.47 million worth of ZK tokens, $1.83 million of Ether, and an additional 776 ETH worth about $1.4 million.
The swift resolution of the incident highlights an increasingly common approach in the crypto space, where projects offer bounties to hackers as an incentive for returning stolen funds. This method aims to avoid lengthy legal proceedings and potential confrontations. ZKsync confirmed that it would not take further action against the attacker and plans to publish a detailed forensic report about the incident. The recovered funds are now under the control of the Security Council, pending governance decisions about their future use.
The incident has prompted renewed scrutiny over smart contract access controls, particularly regarding admin key security and airdrop mechanisms. Despite the positive outcome of the fund recovery, the price of the ZK token showed little movement, with just a 0.5% increase after the announcement. The token was actually down 0.2% over the 24 hours following the recovery. ZKsync Era, the protocol affected by the breach, is an Ethereum layer 2 solution that uses zero-knowledge rollups to batch and process transactions off-chain. It has nearly $59 million in total value locked on its chain and hosts over $2 billion in real-world assets on-chain.
