最近的安全漏洞導致ZK價格大幅下降

最近的安全漏洞導致了ZK價格大幅下降，因為黑客設法從受損的管理員帳戶中耗盡了價值500萬美元的代幣。

A recent security breach on ZKsync, a protocol focusing on rolling up transactions from several chains to reduce gas fees on the L1, has led to a significant drop in the ZK price. Hackers managed to drain $5 million worth of tokens from a compromised admin account, leading to a sharp decline in the value of the ZK token, which had been experiencing positive momentum since its launch in June 2024.

最近對ZKSYNC的安全性違反了，該協議的重點是從多個鏈中滾動交易以減少L1的汽油費，這導致ZK價格大幅下跌。黑客設法從折衷的行政帳戶中耗盡了價值500萬美元的代幣，導致ZK代幣的價值急劇下降，自2024年6月推出以來，ZK代幣的價值一直在經歷積極的勢頭。

The ZKsync security team confirmed on April 15 that an attacker had gained control of an admin account managing the airdrop contract. The hack involved the creation of roughly 111 million unclaimed ZK tokens, which were then embezzled. The attacker successfully utilized this vulnerability by invoking the sweepUnclaimed() function to create and transfer the unclaimed tokens.

ZKSYNC安全團隊在4月15日證實，攻擊者已控制了管理Airdrop合同的管理員帳戶。該黑客涉及創建大約1.11億個無人認領的ZK令牌，然後被挪用。攻擊者通過調用SweepunClaimed（）函數來創建和傳輸無人認領的令牌，從而成功地利用了此漏洞。

The admin account exploited and controlled the airdrop counter, a contract that distributed ZK tokens to users. The minting transaction added approximately 0.45% of the total ZK token supply to the circulating supply of the tokens. The lost tokens were pegged at about $5 million. The attack only affected the airdrop distribution smart contracts; other contracts within the ZKsync protocol were not impacted.

Admin帳戶利用並控制了Airdrop Counter，這是向用戶分發ZK代幣的合同。鑄造交易將ZK代幣總供應的約0.45％增加到令牌的循環供應中。丟失的令牌被固定在約500萬美元。攻擊只影響了Airdrop發行的智能合約； ZKSYNC方案中的其他合同受到影響。

The ZKsync team reassured users that no user funds were at risk during the attack. The protocol and the ZK token contract remained secure. In a post on X, the security team stated, “All user funds are safe and were never at risk,” adding that “necessary security measures” were being taken. They also emphasized that the incident was isolated and confined to the airdrop contract.

ZKSYNC團隊向用戶保證，在攻擊期間，沒有任何用戶資金有危險。協議和ZK代幣合同仍然安全。安全團隊在X上的一篇文章中說：“所有用戶資金都是安全的，從未受到威脅”，並補充說正在採取“必要的安全措施”。他們還強調，該事件是孤立的，並局限於空投合同。

According to the team investigation, the compromised admin account’s address was identified, and the ZKsync team will work with organizations to recover the stolen funds. They also encourage the attacker to contact them for negotiations regarding the return of the stolen tokens. “We are coordinating the recovery efforts with @_seal_org and exchanges,” the team mentioned.

根據團隊的調查，確定了受損的行政帳戶的地址，ZKSYNC團隊將與組織合作以收回被盜的資金。他們還鼓勵攻擊者與他們聯繫，以就被盜令牌的返回進行談判。團隊提到：“我們正在與@_seal_org和交流協調恢復工作。”

Following the crypto hack, ZK’s price dropped significantly, which is the second of the major crypto crashes witnessed this week. After the announcement, ZK’s price fell by around 20%, likely due to the hacker selling the stolen tokens on the market. By the time of the report, the price had recovered slightly but was still down about 12% from the intra-day high.

在加密黑客攻擊之後，ZK的價格大大下降，這是本週主要的加密貨幣撞車事故中的第二起。宣布這一消息後，ZK的價格下跌了約20％，這可能是由於黑客出售了市場上被盜的令牌。到報告時期，價格略有恢復，但仍比日內高點下降了約12％。

This price drop directly responds to the increased circulation of tokens due to the hack. The influx of additional tokens into the market raised concerns among investors, contributing to the decline.

該價格下跌直接響應由於黑客攻擊而增加的令牌循環。投入市場的其他代幣湧入引起了投資者的關注，這導致了下降。

However, the ZKsync team’s assurance that no further vulnerabilities exist has calmed some fears, although the price has not fully recovered.

但是，儘管價格尚未完全恢復，但ZKSYNC團隊保證沒有進一步的漏洞使人們感到恐懼。

According to the Zsync team, the investigation into the incident is ongoing. A more detailed update will be shared once the team has completed its findings.

根據Zsync團隊的說法，對事件的調查正在進行中。一旦團隊完成發現後，將共享更詳細的更新。

In addition, the ZKsync team is actively working with exchanges to help recover the stolen funds. They have also contacted the attacker to facilitate the return of the stolen tokens, warning that legal consequences could follow if the situation is not resolved.

此外，ZKSYNC團隊正在積極進行交流，以幫助收回被盜的資金。他們還聯繫了攻擊者，以促進被盜令牌的返回，警告說，如果情況無法解決，法律後果可能會隨之而來。

While the attack’s immediate impact has temporarily dropped the price of ZK tokens, the team remains confident in the overall security of the ZKsync protocol. As the investigation progresses, further updates and details about the incident are expected.

儘管攻擊的直接影響暫時下降了ZK代幣的價格，但團隊對ZKSYNC協議的整體安全仍然有信心。隨著調查的進行，預計將進一步更新和有關該事件的詳細信息。