The attacker exploited an admin account tied to ZKsync’s airdrop contracts, minting 111 million unclaimed tokens worth $5 million.
A hacker compromised a ZKsync admin account on April 15, minting $5 million worth of unclaimed airdrop tokens, according to a statement from the official ZKsync X account. The attack was described as isolated, with no user funds affected.
Following an investigation, ZKsync detailed the incident on April 15, disclosing that the compromised account had administrative control over three airdrop distribution contracts. The attacker exploited a function called sweepUnclaimed() to mint 111 million unclaimed ZK tokens, increasing the total token supply by 0.45%. As of the latest update, the attacker still held control of most of the stolen funds.
Source: ZKsync
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments