ZK Token Falls 12% After $5M Hacker Exploit

The ZKsync ecosystem is rocked by a targeted security breach and loses $5M worth of token and the value of the ZK token goes down sharply.

ZKsync security confirmed that this was an attack against the admin account used in association with the airdrop distribution contract. It allowed for the attacker to mint close to 111 million unclaimed ZK tokens by exerting influence on the sweepUnclaimed() function managing the airdrop distribution increase circulating supply around 0.45%.

Shortly thereafter, the attacker transferred newly minted tokens, which were then sold by them, further increasing market pressure.

ZKsync Confirms Core Protocol Remains Secure

ZK token plunged by nearly 20% after the breach, with its upward momentum since the June 2024 launch wiped clean and now one of the steepest declines in the crypto market this week. The token has recovered slightly from its reported time but still is 12% down from intra day high.

The ZKsync team however managed to assure users that none of their core protocol components nor user assets were compromised in any way after the breach. “We can confirm that all user funds are safe and were never at risk, the airdrop was compromised in the airdrop contract, and this does not affect other parts of the individually audited protocol,” they said in a post on X.

The team recognized that the compromised admin account had been identified and that they work in close contact with blockchain security firm @_seal_org and major crypto exchanges to help recover the stolen assets. In addition, they have had an appeal to the attacker to return the money voluntarily, also indicating that legal action may follow if they don’t.

It is the second big crypto hack this week, stoking wider market jitters and inquiring to which accounts in the decentralized spaces do the admin privileges reside. While the attack affected only one blockchain, analysts point out that the case shows smart contracts tied to token distribution should have robust access controls.

Inventor of ZKsync, Alexzk, has since confirmed that a full investigation is underway, with a more detailed update to come in the coming days.

Investor sentiment has been shaken, but ZKsync has been quick to respond and to communicate transparently, which supported confidence in the token’s short term trading performance.