ZKsync confirms that the administrator address of the airdrop contract has been breached, and approximately 111 million ZKs have been illegally minted

PANews|Apr 15, 2025 15:30

According to the official update from ZKsync, investigations have shown that the administrator address (0x8428... 587D) of the airdrop contract has been compromised. The attacker called the sweetUnchamed() function to illegally mint approximately 111 million ZK tokens from three airdrop contracts, accounting for about 0.45% of the total supply. The event is limited to airdrop distribution contracts, and the ZKsync protocol and its token contracts, governance contracts, and authorized minters are not affected. At present, most of the funds are still in the attacker's address, and the team is coordinating with the SEAL organization and exchange to track and encourage the attacker to return the funds.

+4

Mentioned

|

APP

Windows

Mac

Share To

X

Telegram

Facebook

Reddit

CopyLink

|

Share To

Timeline

Apr 16, 08:12【MistTrack security alert, resulting in a loss of approximately 780K】

Apr 16, 07:51【1ROR/WETH pool attacked and lost $780000】

Apr 16, 07:26【1ROR/WETH pool attacked and lost $780000】

Apr 16, 07:24【Suspicious transactions detected on ETH chain】

Apr 15, 15:44【The zksync team has identified the hacked administrator account】

Apr 15, 15:38【Privacy coins with zero knowledge proofs will be taken down】

Apr 15, 15:33【Three airdrop contract administrator accounts were stolen】

Apr 15, 15:00【ZKSync attacker has transferred approximately 1.7 million ZKs across chains】

Apr 15, 14:36【Discovered damaged administrator account, with a value of 5 million ZK tokens being accessed】

Apr 15, 14:33【Hacked administrator account controls ZK token】

HotFlash

|

APP

Windows

Mac

Share To

X

Telegram

Facebook

Reddit

CopyLink

APP

Windows

Mac

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads