
ZKsync Security Team Uncovers $5M ZK Token Exploit

ZKsync’s security team reports that the protocol itself remained secure, with user funds safe, as the stolen tokens were solely from the undistributed airdrop pool.
Ephraim Emmanuel
Last updated: 15 April 2025 @ 17:39 UTC

ZKsync’s security team announced it had uncovered a $5 million heist of ZK tokens, shaking confidence in the Ethereum layer-2 network. The breach, traced to a compromised administrative account, has prompted urgent measures to safeguard users and restore trust. Investigations are ongoing to prevent future incidents.

ZKsync Falls Victim to $5M Hack

On April 15, ZKsync, a layer-2 scaling solution for Ethereum, reported that approximately $5 million worth of ZK tokens were stolen from an airdrop reserve. The theft was executed through a compromised admin account, which granted unauthorized access to unclaimed tokens from a prior airdrop campaign.

The attackers immediately moved the stolen tokens to external wallets, with reports indicating that 66 million of the 110 million minted tokens were sold on-chain, causing immediate market disruption. ZKsync’s team detected the breach during routine monitoring and isolated the affected account to prevent further losses.

The security team is now collaborating with blockchain forensics experts to trace the hackers and recover the assets. This incident highlights vulnerabilities in administrative key management, an essential aspect of decentralized platforms.

Others Share ZKsync’s Woe

The heist triggered a 15-20% drop in ZK token value, though prices later showed signs of recovery. While user funds were safe, the breach eroded trust in ZKsync’s administrative controls, raising concerns among investors and developers. The team’s prompt response, including enhanced security protocols, aims to rebuild confidence. ZKsync’s leadership has pledged transparency and stronger measures to protect its growing network, which continues to support scalable, low-cost Ethereum transactions.

Like ZKsync, KiloEx, a decentralized perpetual futures trading platform, suffered a severe hack that resulted in a $7 million loss. This exploit targeted vulnerabilities within the platform’s price oracle system and affected assets across the BNB Chain, Base, and Taiko networks.

Also, UPCX, a prominent blockchain platform, has suspended operations after a $70 million hack, which blockchain security firm Cyvers confirmed. The hack dealt a severe blow to the platform’s reputation and raised concerns about the security and integrity of blockchain systems.
