1 day ago
ZKsync has recovered $5.7 cardinal worthy of stolen ZK and ETH tokens aft the hacker agreed to instrumentality 90% of the funds.
The ZKsync Association has confirmed the betterment of $5 cardinal worthy of stolen tokens from an April 15 ZKsync information incidental involving its airdrop organisation contract.
The hacker agreed to judge a 10% bounty and instrumentality 90% of the remaining stolen tokens, transferring the ZKsync Security Council astir $5.7 cardinal crossed 3 transfers connected April 23.
“We’re pleased to stock that the hacker has cooperated and returned the funds wrong the harmless harbor deadline,” ZKsync Association posted to X connected April 23, which was aboriginal reposted by ZKsync’s X account.
Matter Labs, the institution down the ZKsync protocol, besides reposted the quality shared connected X.
The ZKsync X relationship antecedently confirmed that no idiosyncratic funds were compromised.
Source: ZKsync AssociationThe hacker sent 2 transfers connected the ZKsync Era blockchain, consisting of $2.47 cardinal worthy of ZKsync (ZK) tokens and $1.83 cardinal worthy of Ether (ETH) to the ZKsync Security Council’s ZKsync Era address.
Another 776 ETH worthy astir $1.4 cardinal was besides sent to their information council’s Ethereum address, Etherscan data shows.
The archetypal transportation was made connected April 23 astatine 2:39:57 p.m. UTC connected and the past transportation was made astir 13 minutes aboriginal — each wrong the 72-hour model that ZK Sync had initially set.
ZKsync Association said the institution would people a last study revealing much details from the information incident.
How the hack happened
The hacker breached ZKsync’s admin account, allowing them to exploit the airdrop organisation contract's sweepUnclaimed() relation to mint 111 cardinal unclaimed ZK tokens, worthy astir $5 cardinal astatine the clip of the April 15 attack.
The hack occurred portion ZKsync was successful the process of airdropping 17.5% of ZK’s token proviso to ecosystem participants.
The recovered magnitude — astir $5.7 cardinal — exceeded the $5 cardinal primitively stolen owed to a emergence successful the marketplace worth of the stolen tokens, with ZK and ETH expanding 16.6% and 8.8% respectively since the April 15 attack, according to CoinGecko data.
Despite the plus recovery, the ZK token failed to emergence substantially connected the quality and is presently down 0.2% implicit the past 24 hours.
ZKsync Era is an Ethereum furniture 2 solution that uses zero-knowledge rollups to batch and process transactions offchain. It has astir $59 cardinal successful full worth locked connected its concatenation and has implicit $2 cardinal successful real-world assets onchain, according to DefiLlama and RWA.xyz.
Magazine: Ethereum maxis should go ‘assholes’ to triumph TradFi tokenization race
English (US) 