ZKsync Hacker Returns Funds After Accepting 10% Bounty Offer

The decentralized organization behind ZKsync, known as ZK Nation, confirmed Wednesday that it has recovered the majority of funds stolen in a recent exploit

The decentralized organization behind ZKsync, known as ZK Nation, confirmed Wednesday that it has recovered the majority of funds stolen in a recent exploit after the attacker accepted a 10% bounty offer.

The organization confirmed in a post on X that the returned assets are now in the custody of the protocol’s Security Council, which will defer to governance to determine next steps regarding the funds. A full investigation report is still in progress and will be released publicly once finalized.

Earlier this week, the council stated that it’s reached an agreement with the exploiter to return 90% of the stolen funds and keep 10% as a bounty. If the attacker fails to meet the deadline, the council will escalate the case to the appropriate authorities.

“The administration wallet, which was not used in the operation of the protocol and did not affect any user funds, was compromised on April 15,” ZKsync noted.

The incident occurred when a hacker took over an admin wallet containing approximately $5 million in unclaimed ZK tokens left over from the recent ZKsync airdrop. ZKsync’s team quickly assured users that no individual funds were compromised and that the exploit posed no broader risk to the network.

The move reflects a growing trend of Web3 protocols using bounty programs to recover stolen assets while reducing damage and legal friction.

Last month, blockchain analytics firm Chainalysis reported that cryptocurrency theft rose by 68% in 2023, reaching $3.8 billion. The majority of stolen cryptocurrency was later recovered.