A hacker compromised a ZKSYNC admin account on April 15, mating a $ 5 million worth of unacceptable AirDrop tokens, According to in a statement from the official Zksync X account. The attack is described as isolated, with no user’s affected funds.
Following an investigation, zksync detailed The incident on April 15, revealed that the compromised account was administrative control over three AirDrop distribution contracts. The attack took advantage of a function called Sweepunclaimed () up to Mint 111 million unacceptable ZK tokens, increasing the total supply of the token by 0.45%. As with the latest update, the attack will still hold the control of most stolen funds.
Source: ZKSYNC
Zkssync has links recovery efforts to Security alliance (Seal). According to the protocol, management and tokens contracts will not be affected. The company said no further exploitation was possible by “Sweepunclaimed ()” vector.
Zksync is a protocol of Ethereum Layer-2 that processes transactions in the main layer in batches using a technology called zero-knowledge rollups. The ZKSYNC ERA platform has $ 57.3 million in total amount locked until April 15, According to In Defillama. Zkssync is in the process of being anestled 17.5% of its token supply to the participants of the ecosystem.
Related: Defi Platform Kiloex offers a $ 750k bounty to hacker
ZK token drops 7% to 24 -hour trade
Zkync’s token, ZK (ZK), saw a changing price action at the end of the hack and the project public on X. At 1:00 pm UTC, the token dropped 16%, falling to $ 0.040 before rebounding to $ 0.047 at the time of writing. Despite the bounce, ZK remains 7% down to the past 24 hours.
In general, $ 2 billion lost in crypto hacks In the first quarter of 2025 only, just $ 300 million less than the total lost in 2024.
Magazine: The Lazarus Group’s favorite exploitation – Crypto Hacks Review
