A major security breach has occurred within the ZKsync protocol, resulting in the theft of tokens valued at approximately 5 million dollars due to the compromise of an administrative account. This incident led to a notable decline in the token’s price as market reactions unfolded.
Details of the Security Vulnerability
On April 15, the attacker who gained access to the admin account discovered a vulnerability while managing the airdrop contract. The exploit relied on misuse of a function called “sweepUnclaimed()”, which minted around 111 million unclaimed tokens that the attacker then transferred.
The minted tokens constituted approximately 0.45% of the total supply. Reports indicate that the attack only affected the airdrop distribution contract, with no damages reported to other components of the system. No vulnerabilities were detected in other smart contracts within the protocol.
The ZKsync team reassured users that their funds were not at risk.
“All user funds are secure and not at risk” – ZKsync Security Team
The team announced that they have restored the security of the protocol and the token contract. Authorities stated that additional security measures have been implemented and confirmed that the incident was isolated.
Furthermore, investigations following the attack identified the account used by the attacker. The team is collaborating with relevant organizations to recover the lost tokens and has also initiated negotiations with the attacker to retrieve them.
Market Reaction and Price Decline
Following the attack, there was a sharp decline in the token’s value. Initial reports indicated a 20% drop in price, which later settled around 12% below the day’s peak. The large volume of tokens released into circulation sparked concerns among investors, who were already more cautious following the collapse of OM Coin.
The ZKsync team emphasizes that systems outside the affected contracts remain robust, noting that market fluctuations are expected to have a temporary impact. Ongoing improvements are focused on enhancing the overall security of the protocol.
While the review and recovery process continues, it is crucial for investors to closely monitor developments. The public’s perception of market movements is being analyzed through impartial evaluations. In light of these developments, actions taken by relevant stakeholders could prove decisive for investors in the future.