攻击者今天铸造了1.11亿个ZK令牌

这是紧随其后的ZKSYNC违规行为，涉及与该项目的Airdrop相关的受损的行政帐户

An attacker has minted 111 million ZK tokens following a significant breach of ZKsync, a popular Layer 2 scaling network for Ethereum.

攻击者在严重违反了以太坊的2层缩放网络ZKSYNC之后，已经铸造了1.11亿个ZK令牌。

The incident involved a compromised administrative account key used to access three airdrop distribution contracts. As a result, an unclaimed pool of ZK tokens was exploited to mint an enormous number of tokens.

该事件涉及用于访问三份Airdrop分销合约的受损的行政帐户密钥。结果，无人认领的ZK代币池被利用以铸造大量令牌。

ZKsync confirmed the details in a statement on X (formerly Twitter), as the news pushed the ZK token price down about 13 percent. The compromised account address was identified as 0x842822c797049269A3c29464221995C56da5587D.

Zksync在X（以前是Twitter）的一份声明中确认了细节，因为该消息将ZK代币的价格降低了约13％。折衷的帐户地址被确定为0x842822C797049269A3C29464221995C56DA555587D。

The breach was initially discovered by blockchain security firms, who observed a large-scale minting transaction on the ZKsync Era network.

违规最初是由区块链安全公司发现的，后者观察到ZKSYNC ERA网络上的大规模铸造交易。

The attacker specifically targeted a function within the airdrop contracts, which was designed to sweep up unclaimed tokens.

攻击者专门针对空调合同中的功能，该功能旨在扫除无人认领的令牌。

“The attacker called the sweepUnclaimed() function that minted approximately 111 million unclaimed ZK tokens from the airdrop contracts,” ZKsync explained.

Zksync解释说：“攻击者称为SweepunClaimed（）功能，从Airdrop合同中铸造了约1.11亿个无人认领的ZK令牌。”

This action essentially generated new tokens from the pool designated for users who had not yet claimed their airdrop allocation. The transaction can be viewed on the ZKsync Era blockchain explorer.

此操作基本上是从指定尚未声称其空调分配的用户的池中生成的新令牌。可以在ZKSYNC ERA区块链探索者中查看交易。

The scale of the breach, involving 111 million tokens, clarifies initial reports which estimated a lower figure. While the token’s price varies, the quantity minted represents a substantial portion of the unclaimed airdrop supply.

涉及1.11亿个令牌的漏洞规模阐明了估计数字较低的初始报告。尽管令牌的价格有所不同，但铸造的数量代表了无人认领的空调供应的很大一部分。

ZKsync quickly moved to contain the fallout from this specific vulnerability. Despite the compromise affecting the airdrop, officials stated that core infrastructure and user holdings remained safe.

ZKSYNC迅速移动以控制此特定漏洞的后果。尽管妥协影响了空调，但官员们表示，核心基础设施和用户持有仍然是安全的。

“This incident is contained to the airdrop distribution contracts only,” the statement went on to say. “All the funds that could be minted [via this method] have been minted. No further exploits via this method are possible.”

该声明继续说：“这一事件仅包含在Airdrop发行合同中。” “所有可以通过这种方法铸造的资金都已被铸造出来。不可能通过此方法进行进一步的利用。”

The project also confirmed the security of key components, separate from the specific point of failure in this breach.

该项目还确认了关键组件的安全性，与此违规中的特定故障点不同。

“The ZKsync protocol, ZK token contract, all three governance contracts, and all active Token Program capped minters have not been, and will not be impacted by this incident,” ZKsync stated.

Zksync说：“ ZKSYNC协议，ZK代币合同，所有三项治理合同以及所有活跃的令牌计划限制的Minters尚未受到这一事件的影响。”

Most of the minted tokens reportedly remain in an account controlled by the attacker (0xb1027ed67f89c9f588e097f70807163fec1005d3).

据报道，大多数铸造代币保留在攻击者控制的帐户中（0xB1027ED67ED67F89C9F588E097F70807163FEC1005D3）。

ZKsync announced coordination efforts aimed at recovery. “We’re coordinating the

Zksync宣布了旨在恢复的协调工作。 “我们正在协调