{"id":22284,"date":"2025-04-16T05:46:47","date_gmt":"2025-04-16T05:46:47","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=22284"},"modified":"2025-04-16T05:46:47","modified_gmt":"2025-04-16T05:46:47","slug":"ethereum-layer-2-zksync-airdrop-account-hacked-for-5m","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=22284","title":{"rendered":"Ethereum Layer-2 ZKsync Airdrop Account Hacked for $5M"},"content":{"rendered":"<div>\n<p>On April 15, the team behind the Ethereum scaling network, ZKsync, identified a compromised admin account that took control of $5 million worth of ZK tokens.\u00a0These were the remaining unclaimed coins from the ZKsync airdrop, they added.<\/p>\n<p>The team reassured users that all their funds are safe and have never been at risk. \u201cThe ZKsync protocol and ZK token contract remained secure, and no further ZK is at risk,\u201d they said.<\/p>\n<blockquote>\n<p>\u201cThis is an isolated incident caused by a compromised key and confined to the ZK Token airdrop contract.\u201d<\/p>\n<\/blockquote>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">ZKsync security team has identified a compromised admin account that took control of ~$5M worth of ZK tokens \u2014 the remaining unclaimed tokens from the ZKsync airdrop. Necessary security measures are being taken.<\/p>\n<p>All user funds are safe and have never been at risk. The ZKsync\u2026<\/p>\n<p>\u2014 ZKsync (\u220e, \u2206) (@zksync) <a href=\"https:\/\/twitter.com\/zksync\/status\/1912141160744632737?ref_src=twsrc%5Etfw\" data-wpel-link=\"external\" target=\"_blank\">April 15, 2025<\/a><\/p>\n<\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2>$5 Million Stolen<\/h2>\n<p>A short time later, the team posted an update stating that the account that was the admin of the three <a href=\"https:\/\/cryptopotato.com\/from-pengu-to-zksync-pudgy-penguins-massive-airdrop-windfall-explained\/\" data-wpel-link=\"internal\">airdrop<\/a> distribution contracts had been compromised.\u00a0The attacker called a function that minted approximately 111 million unclaimed ZK tokens from the airdrop contracts.<\/p>\n<p>The transaction inflated the amount of tokens in circulation by around 0.45% of the total supply and caused a brief dip in spot prices.<\/p>\n<blockquote>\n<p>\u201cThis incident is contained to the airdrop distribution contracts only and all the funds that could be minted have been minted. No further exploits via this method are possible.\u201d<\/p>\n<\/blockquote>\n<p>They noted that the hacker still held funds in an <a href=\"https:\/\/era.zksync.network\/address\/0xb1027ed67f89c9f588e097f70807163fec1005d3#asset-multichain\" target=\"_blank\" rel=\"noopener\" data-wpel-link=\"external\">account<\/a> that contained 44 million ZK tokens worth $2.1 million and around 2,200 ETH worth $3.4 million.<\/p>\n<p>When asked why the unclaimed airdrop tokens were left in the contract, co-founder and CEO of ZKsync, Alex Gluchowski, said, \u201cThe unminted supply was supposed to go back to the Token Assembly,\u201d before adding, \u201cWe\u2019re investigating why this didn\u2019t happen.\u201d<\/p>\n<blockquote>\n<p>\u201cThe attacker is facing criminal liability. It\u2019s in their best interest to investigate the funds return ASAP,\u201d he said.<\/p>\n<\/blockquote>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">We\u2019re actively investigating this incident and will publish the full update once the investigation and recovery efforts are complete.<\/p>\n<p>I am happy to take your questions here and will answer them to the best of my knowledge. <a href=\"https:\/\/t.co\/yPgpNeQq5D\" data-wpel-link=\"external\" target=\"_blank\">https:\/\/t.co\/yPgpNeQq5D<\/a><\/p>\n<p>\u2014 ALEX | ZK \u220e (@gluk64) <a href=\"https:\/\/twitter.com\/gluk64\/status\/1912166820498329643?ref_src=twsrc%5Etfw\" data-wpel-link=\"external\" target=\"_blank\">April 15, 2025<\/a><\/p>\n<\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>ZKsync total value locked has tanked almost 80% since the beginning of February and was just over $60 million at the time of writing, <a href=\"https:\/\/defillama.com\/chain\/zkSync%20Era\" target=\"_blank\" rel=\"noopener\" data-wpel-link=\"external\">according<\/a> to DeFiLlama.<\/p>\n<p>In June 2024, the platform\u00a0<a href=\"https:\/\/cryptopotato.com\/zksync-announces-historic-airdrop-with-3-6-billion-tokens-distributed\/\" target=\"_blank\" rel=\"noopener\" data-wpel-link=\"internal\">began airdropping<\/a> 17.5% of the total supply of tokens, or 3.67 billion ZK.<\/p>\n<h2>ZK Prices at ATL<\/h2>\n<p>The zero-knowledge rollup platform\u2019s native token, ZK, tanked 13% immediately after the hack in a fall to and all-time low of $0.0415. However, it quickly recovered almost all losses and was trading at $0.0472 at the time of writing.<\/p>\n<p>Nevertheless, ZK is trading at its lowest levels, having fallen 83% from a December high of $0.262 and its all-time high at the time of the airdrop of $0.321.<\/p>\n<p>The post <a href=\"https:\/\/cryptopotato.com\/ethereum-layer-2-zksync-airdrop-account-hacked-for-5m\/\" rel=\"nofollow\">Ethereum Layer-2 ZKsync Airdrop Account Hacked for $5M<\/a> appeared first on <a href=\"https:\/\/cryptopotato.com\/\" rel=\"nofollow\">CryptoPotato<\/a>.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>On April 15, the team behind the Ethereum scaling network, ZKsync, identified a compromised admin account that took control of $5 million worth of ZK tokens.\u00a0These were the remaining unclaimed coins from the ZKsync airdrop, they added. The team reassured users that all their funds are safe and have never been at risk. \u201cThe ZKsync [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-22284","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/22284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=22284"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/22284\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=22284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=22284"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=22284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}