2025/04/16 02:59

This incident does not affect the ZKsync protocol, the ZK token contract, the three governance contracts, or core user assets.

ZKsync is under attack: admin key compromised, $5M in ZK tokens stolen

The ZKsync security team has identified a compromised admin account that took control of ≈$5M worth of ZK tokens - the remaining unclaimed tokens from the ZKsync airdrop. Necessary security measures are being implemented. All user funds are safe and have never been at risk. The ZKsync protocol, the ZK token contract, the three governance contracts, and core user assets are not affected.

The incident is limited solely to the account that was the admin of the three airdrop distribution contracts, which was compromised. The address in question is: 0x842822c797049264A3c29464221995C56da5587D.

Update: the investigation has revealed that the account that was the admin of the three airdrop distribution contracts had been compromised. The compromised account address is 0x842822c797049269A3c29464221995C56da5587D.

The attacker called the sweepUnclaimed() function that permits collecting the unclaimed airdrop tokens and transferring them to a chosen address.

The attacker then used the public function sweepUnclaimed() to initiate a transaction.

The majority of the tokens were then transferred to the address b1027ed67f89c9f588e097f70807163fec1005d3, which is presumably controlled by the attacker.

In total, 111 million ZKsync tokens were minted, estimated at a value of around $5 million.

The ZKsync team is working to clarify the full details of the incident in cooperation with Seal 911 and has also reached out to a number of crypto exchanges to ensure that any attempt to withdraw the stolen funds results in their freezing.

However, the attack had already impacted the ZKsync token’s price, with a sharp drop of ≈13% immediately following the incident - from $0.0477 to $0.0415.

It’s also worth noting that, just as the exploit was quickly contained, the token price also rebounded without major delay and is now trading at approximately $0.0464.

Just recently, we analyzed a rather sophisticated attack on Atomic and Exodus wallets. One of the key takeaways we highlighted was that attackers tend to target infrastructure surrounding blockchain solutions rather than the protocols themselves.

This incident serves—albeit less obviously—as another illustration of that pattern. It’s significantly easier for attackers to compromise an administrative account than to hack a core protocol that has undergone extensive audits and has been battle-tested in production (although such attacks are still possible).

The same principle applies to integration or partner breaches, such as the recent case with Bybit, which remains one of the most advanced and secure crypto exchanges in the market.
