ZKSync's Security Breach: 111M Tokens Stolen, 90% Returned

Coin World, Friday, Apr 25, 2025 10:39 am ET

ZKSync, a prominent layer-2 scaling solution for Ethereum, recently faced a significant security breach involving its airdrop distribution contracts. The incident, which occurred on April 15, resulted in the unauthorized minting of approximately 111 million ZK tokens, valued at around $5 million at the time. The vulnerability was isolated to the airdrop contracts and did not impact the broader protocol infrastructure, ZK token contract, or governance operations.

The hacker exploited a compromised admin key to bypass standard allocation mechanisms and claim unclaimed tokens from the network’s first distribution round. On-chain data revealed that the attacker subsequently swapped about $3.5 million in stolen ZK tokens for Ethereum (ETH). Despite the breach, ZKSync assured users that customer funds and core infrastructure remained secure.

In response to the incident, ZKSync’s Security Council took swift action to mitigate the damage. They issued an on-chain message to the attacker, offering a 10% bounty for returning 90% of the exploited funds within a 72-hour “safe harbor” window. The proposal included specific wallet addresses for transferring ZK and ETH tokens across the ZKSync Era network and Ethereum’s mainnet. The agreement was contingent on the full return of funds by the stated deadline.

The hacker agreed to the terms, and the funds were successfully returned within the specified timeframe. ZKSync confirmed the resolution of the matter on April 23, stating that the recovered assets are now held in custody by the Security Council. The final decision on the use of these assets will be determined by protocol governance. A detailed forensic report on the incident and subsequent recovery is currently being prepared.

The negotiated return of the funds avoided the need for prolonged legal proceedings and potential escalation. ZKSync has stated that it will not take further action against the attacker, emphasizing the importance of resolving the issue amicably. The incident has prompted renewed scrutiny over smart contract access controls, particularly regarding admin key security and airdrop mechanisms.

Despite the swift recovery, the exploit temporarily inflated the ZK token supply and triggered a market reaction. However, the price of ZK did not react significantly to the news, with just a 0.5% increase since the announcement of the agreement and recovery of funds. This suggests that the market has confidence in ZKSync’s ability to handle such incidents and maintain the integrity of its protocol.

Comments

SimilarAd2373
04/25
ZKSync's hacker got a 10% cut, like a bad 'Breaking Bad' episode. Good thing they didn't need a longer 'safe harbor.' Market's shrug says they're still the king of crypto comedy.
j4_jjjj
04/25
OMG! Those $ETH whale-sized options blocks were screaming danger! Closed positions just in time, profiting more than $481