Close Menu
    Home / About / Advertise / Contact
    Business Crime

    Hacker Returns 90% of Funds After ZKsync Security Breach

    A hacker returned $5.7 million in stolen ZK and ETH tokens after accepting ZKsync's 10% bounty offer, concluding the April 15 airdrop contract breach.
    Maisie MorrisonBy No Comments4 Mins Read

    TLDR

    • ZKsync recovered approximately $5.7 million worth of stolen ZK and ETH tokens
    • The hacker accepted a 10% bounty and returned 90% of the stolen funds
    • The security breach occurred on April 15 and involved airdrop distribution contracts
    • The funds were returned via three separate transfers on April 23
    • No user funds were compromised during the incident

    ZKsync has successfully recovered $5.7 million worth of cryptocurrency after a hacker agreed to return the majority of funds stolen during an April 15 security breach. The recovery comes after the protocol’s Security Council offered a 10% bounty to the attacker in exchange for returning the remaining 90% of the stolen assets.

    The stolen funds were returned in three separate transfers on April 23, all completed within a 72-hour “safe harbor” deadline set by the ZKsync team. The recovery included both ZK tokens and Ethereum (ETH) sent to designated addresses on the ZKsync Era network and Ethereum mainnet.

    “We’re pleased to share that the hacker has cooperated and returned the funds within the safe harbor deadline,” announced the ZKsync Association on social media. The announcement was later reshared by ZKsync’s official account and Matter Labs, the company behind the protocol.

    Understanding the Breach

    The security incident stemmed from a compromised administrator account that gave the attacker unauthorized access to ZKsync’s airdrop distribution system. Using this access, the hacker exploited the sweepUnclaimed() function to mint 111 million ZK tokens that had not yet been claimed by users.

    This exploit happened during ZKsync’s token distribution event, which was in the process of airdropping 17.5% of the total ZK token supply to participants in its ecosystem. The breach was confined to the distribution contracts and did not affect the core protocol infrastructure.

    After obtaining the tokens, the attacker converted approximately $3.5 million worth of the stolen ZK tokens to Ethereum, according to on-chain data. The total value of stolen assets was estimated at $5 million at the time of the hack.

    ZKsync quickly assured users that their personal funds remained safe throughout the incident. The team emphasized that the vulnerability was isolated to the airdrop mechanism and did not compromise any user wallets or the broader ZKsync network.

    The Recovery Strategy

    Rather than pursuing legal action immediately, ZKsync’s Security Council took a pragmatic approach to recovering the funds. They sent an on-chain message directly to the attacker with a straightforward offer: return 90% of the stolen funds and keep 10% as a bounty reward.

    The council provided specific wallet addresses for the return of both ZK tokens and ETH across the ZKsync Era network and Ethereum’s mainnet. The agreement stipulated that all funds must be returned within the 72-hour deadline.

    This strategy proved successful when the hacker initiated the first transfer on April 23 at 2:39:57 pm UTC. Two additional transfers followed within 13 minutes, completing the return of funds well within the established timeframe.

    What Happens Next

    The returned assets—now valued at nearly $5.7 million due to price increases in both ZK and ETH since the theft—are currently being held by the ZKsync Security Council. The final allocation of these recovered funds will be determined through the protocol’s governance process.

    ZKsync has committed to publishing a comprehensive forensic report detailing the security incident and recovery process. This report will likely provide additional insights into how the breach occurred and what measures are being implemented to prevent similar exploits in the future.

    Despite the successful recovery, the ZK token price showed minimal reaction to the news. The token was actually down 0.2% over the 24 hours following the announcement, according to market data.

    ZKsync Era, the layer 2 scaling solution affected by the breach, continues to operate normally. The platform uses zero-knowledge rollups to process Ethereum transactions more efficiently and at lower cost. Current metrics show nearly $59 million in total value locked on the chain and over $2 billion in real-world assets deployed through the protocol.

    The incident highlights an emerging trend in the cryptocurrency space where projects offer bounties to incentivize the return of stolen funds, often proving more effective than traditional recovery methods. By avoiding lengthy legal proceedings, ZKsync was able to recover the assets quickly and without further disruption to their ecosystem.

    Stay Ahead of the Market with Benzinga Pro!

    Want to trade like a pro? Benzinga Pro gives you the edge you need in today's fast-paced markets. Get real-time news, exclusive insights, and powerful tools trusted by professional traders:
    • Breaking market-moving stories before they hit mainstream media
    • Live audio squawk for hands-free market updates
    • Advanced stock scanner to spot promising trades
    • Expert trade ideas and on-demand support
    Don't let opportunities slip away. Start your free trial of Benzinga Pro today and take your trading to the next level!

    Visit Benzinga Pro

    Share.
    Avatar photo

    Maisie is an experienced Crypto & Financial news journalist, having written for Blockonomi.com, Computing.net and is Editor in Chief at Blockfresh.com

    Related Posts

    Add A Comment

    Comments are closed.

    EXCLUSIVE: 200% Welcome Bonus | $1M+ Weekly Lottery & More!