6 hours ago
A compromised admin relationship connected to ZKsync’s airdrop contracts executed a transaction that minted astir $5 cardinal worthy of ZK tokens, stealing the remaining unclaimed allocation from the network’s archetypal token distribution.
The attacker exploited a relation to assertion the tokens connected April 15 and issued astir 111 cardinal ZK tokens, equivalent to astir 0.45% of the protocol’s full token supply.
According to statements shared by ZKsync connected X, the exploit was confined to the airdrop organisation contracts. It did not impact the ZKsync protocol, the ZK token contract, governance infrastructure, oregon immoderate capped minters associated with the Token Program.
The protocol emphasized that idiosyncratic funds were ne'er astatine hazard and described the incidental arsenic isolated, resulting from a compromised backstage cardinal controlling the affected admin account.
The attacker has already swapped $3.5 cardinal of the stolen ZK tokens to Ethereum (ETH), as on-chain information points out.
ZKsync’s squad stated that betterment efforts are underway successful coordination with exchanges and blockchain information steadfast SEAL 911. The squad besides issued a nationalist telephone for the attacker to interaction them to negociate a instrumentality of the funds and debar ineligible consequences.
According to the team’s forensic investigation, the exploiter tin nary longer mint tokens utilizing the aforesaid method. The incidental has not impacted protocol-level operations oregon the information of ongoing governance activities.
After interior reviews and betterment actions conclude, the task volition merchandise a afloat post-mortem.
ZK token tanks
According to CryptoSlate data, the ZK token has fallen by 8.6% implicit the past 24 hours and is trading astatine $0.04513 arsenic of property time.
Since launch, the token has mislaid astir 90% of its value, a information raised by assemblage members successful the aftermath of the exploit.
In response, Matter Labs CEO Alex Gluchowski addressed concerns connected societal media and said the drawdown is comparable to Ethereum and different layer-2 networks amid the broader marketplace correction.
Gluchowski said:
“ETH and each different L2 is down importantly from their ATHs. Nevertheless, some myself and Matter Labs are arsenic committed arsenic ever to the ngo and occurrence of ZKsync. I besides spot precise bullish signs from the caller enactment of the Ethereum Foundation.”
Gluchowski added that helium would continue answering nationalist inquiries astir the incidental portion the probe remains active. ZKsync reiterated that they volition stock a method update erstwhile they decorativeness an ongoing information analysis.
Though constricted successful scope, the unauthorized minting has temporarily inflated the circulating proviso and prompted accrued scrutiny of cardinal absorption practices wrong ZKsync’s astute declaration deployments.
The station ZKsync admin wallet compromised successful $5 cardinal theft, ZK slides implicit 8% appeared archetypal connected CryptoSlate.
English (US) 