A recent security breach has led to a significant drop in the ZK price, as hackers managed to drain $5 million worth of tokens from a compromised admin account.
The attack, which targeted the ZKsync protocol, triggered a sharp decline in the value of the ZK token, which had been experiencing positive momentum since its launch in June 2024.
Details of the ZKsync Security Breach
On April 15, the ZKsync security team confirmed that an attacker had gained control of an admin account managing the airdrop contract. The hack involved the creation of roughly 111 million unclaimed ZK tokens, which were then embezzled. The attacker successfully utilized this vulnerability by invoking the sweepUnclaimed() function to create and transfer the unclaimed tokens.
The admin account exploited and controlled the airdrop contract, a counter that distributed ZK tokens to users.
The minting transaction added approximately 0.45% of the total ZK token supply to the circulating supply of the tokens. The lost tokens were pegged at about $5 million. The attack only affected the airdrop distribution smart contracts; other contracts within the ZKsync protocol were not impacted.
User Funds Remain Safe
The ZKsync team reassured users that no user funds were at risk during the attack. The protocol and the ZK token contract remained secure. In a post on X, the security team stated, “All user funds are safe and were never at risk,” adding that “necessary security measures” were being taken. They also emphasized that the incident was isolated and confined to the airdrop contract.
According to the team investigation, the compromised admin account’s address was identified, and the ZKsync team will work with organizations to recover the stolen funds.
They also encourage the attacker to contact them for negotiations regarding the return of the stolen tokens. “We are coordinating the recovery efforts with @_seal_org and exchanges,” the team mentioned.
ZK Price Decline Following the Breach
Following the crypto hack, ZK’s price dropped significantly, which is the second of the major crypto crashes witnessed this week. After the announcement, ZK’s price fell by around 20%, likely due to the hacker selling the stolen tokens on the market. By the time of the report, the price had recovered slightly but was still down about 12% from the intra-day high.
This price drop directly responds to the increased circulation of tokens due to the hack. The influx of additional tokens into the market raised concerns among investors, contributing to the decline.
However, the ZKsync team’s assurance that no further vulnerabilities exist has calmed some fears, although the price has not fully recovered.
Ongoing Investigation and Recovery Efforts
ZKsync has stated that the investigation into the incident is ongoing. According to Zksync inventor Alexzk, a more detailed update will be shared once the team has completed its findings.
In addition, the ZKsync team is actively working with exchanges to help recover the stolen funds. They have also contacted the attacker to facilitate the return of the stolen tokens, warning that legal consequences could follow if the situation is not resolved.
While the attack’s immediate impact has temporarily dropped the price of ZK tokens, the team remains confident in the overall security of the ZKsync protocol.
The post ZK Price Falls 12% As Crypto Hacker Drains $5 Million From Admin Account appeared first on CoinGape.
