ZKsync Confirms Exploit Targeting Unclaimed Airdrop Tokens Enabled an Unauthorized Actor to Drain Approximately $5 Million

ZKsync has confirmed that a compromised administrator wallet enabled an unauthorized actor to drain approximately $5 million worth of ZK tokens from the protocol's airdrop distribution contracts.

The cryptocurrency protocol ZKsync has become the latest victim of a major exploit, with an administrator wallet compromise leading to the theft of around $5 million in ZK tokens from the protocol’s airdrop distribution contracts.

The exploit was quickly contained by the ZKsync security team, who confirmed that the breach was isolated to the unclaimed portion of the airdrop and did not affect user funds or the core protocol infrastructure.

The exploit was detected on August 15, with the compromised key being used to call a function within one of the three airdrop contracts, enabling the minting and transfer of approximately 111 million unclaimed ZK tokens to the exploiter’s address.

The ZK token contract, the ZKsync protocol itself, and governance-related contracts are all confirmed to be secure.

The sweep targeted only the unclaimed token allocations from the ZKsync airdrop, which was conducted in June. The exploit is limited to the functionality of the specific airdrop distribution contracts. All tokens that could be accessed through this method have already been minted, and the exploit has been contained.

The exploiter’s address, shared by ZKsync, is still holding the majority of the drained funds. The ZKsync security team is working with exchanges and blockchain monitoring organizations like @_seal_org to track the tokens and prevent further movement.

The protocol has also invited the exploiter to contact the team via their dedicated security channel, to arrange the return of the stolen funds.

Shortly after news of the breach surfaced, the price of ZK tokens was seen declining from highs of $0.047 to lows of $0.039. The token has since seen a minor recovery, trading at $0.04606 at the last check.

This price movement showcases the heightened sensitivity of cryptocurrency investors to events related to protocol security.

In response to the incident, ZKsync plans to introduce several changes to its security infrastructure. These enhancements include transitioning to multi-party computation (MPC) wallets, deploying real-time transaction monitoring systems, and increasing decentralization with new governance mechanisms for treasury management.

Earlier this year, ZKsync completed a major upgrade to its mainnet, rolling out its ‘zkSync 2.0’ scaling solution. The protocol also announced plans for an upcoming token distribution event.

ZKsync's token distribution strategy, which allocates 89% of tokens to users and 11% to ecosystem partners and developers, is also being reviewed following the incident.

The protocol is currently engaged in an investigation to fully understand the scope of the breach and identify the parties responsible.