Hacker mints $5M in ZK tokens after compromising ZKsync admin account
A hacker compromised a ZKsync admin account on April 15, minting $5 million worth of unclaimed airdrop tokens, according to a statement from the official ZKsync X account. The attack was described as isolated, with no us...
Archive context
Older archive item. Useful for background and entity history, but not a fresh market-moving signal.
A hacker compromised a ZKsync admin account on April 15, minting $5 million worth of unclaimed airdrop tokens, according to a statement from the official ZKsync X account. The attack was described as isolated, with no user funds affected.
Following an investigation, ZKsync detailed the incident on April 15, disclosing that the compromised account had administrative control over three airdrop distribution contracts. The attacker exploited a function called sweepUnclaimed() to mint 111 million unclaimed ZK tokens, increasing the total token supply by 0.45%. As of the latest update, the attacker still held control of most of the stolen funds.
Source: ZKsync
ZKsync is coordinating recovery efforts with the Security Alliance (SEAL). According to the protocol, its governance and token contracts are unaffected. The company stated that no further exploits are possible via the “sweepUnclaimed()” vector.
ZKsync is an Ethereum layer-2 protocol that processes main-layer transactions in batches using a technology called zero-knowledge rollups. The ZKsync Era platform has $57.3 million in total value locked as of April 15, according to DefiLlama. ZKsync had been in the process of airdropping 17.5% of its token supply to ecosystem participants.
Related: DeFi platform KiloEx offers $750K bounty to hacker
ZK token drops 7% in 24-hour tradingZKsync’s token, ZK (ZK), saw volatile price action in the wake of the hack and the project’s public disclosure on X. Around 1:00 pm UTC, the token had dropped 16%, falling to $0.040 before rebounding to $0.047 at the time of writing. Despite the bounce, ZK remains down 7% over the past 24 hours.
Overall, $2 billion has been lost to crypto hacks in the first quarter of 2025 alone, just $300 million less than the total lost in 2024.
Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis
Why this matters
This cryptocurrency story adds another data point to the current market tape and is useful when read alongside nearby source coverage.
Original source
Read on CointelegraphRelated market context
2026 World Cup final between Argentina and Spain puts crypto sports betting and fan tokens in the spotlight
The 2026 World Cup final between Argentina and Spain on July 19 puts crypto sportsbooks and fan tokens in focus as billions tune i...
World Cup final brings Messi’s crypto empire back into focus as fan tokens surge
The 2026 World Cup final between Spain and Argentina puts Messi's $20M Socios deal and the $3.8B fan token market back in the spot...
Lamine Yamal’s World Cup run sparks neighborhood pride and a wave of unauthorized crypto tokens
Unofficial $YAMAL fan tokens on Solana emerge as Spain's Lamine Yamal heads to the 2026 World Cup final, but with market caps unde...
Futures tumble as DeepSeek sparks chip meltdown, crypto scam tokens flood Solana and Ethereum
DeepSeek's AI models wiped $589 billion from Nvidia's market cap and triggered a wave of scam tokens on Solana and Ethereum with n...
Trusted Volumes Hacker Returns 1,122 ETH, Keeps $2M Bounty
A hacker tied to the Trusted Volumes exploit has returned 1,122 ETH to the protocol, closing part of a security incident that bega...
Argentina Freezes 25 Crypto Accounts: Investigation of LIBRA Memecoin
Key Takeaways: Argentine authorities froze 25 crypto wallets linked to the LIBRA token and requested user data from major exchange...