ZKsync Hacker Accepts 10% Bounty, Returns $5.7M in Stolen Funds

The hacker behind the exploit on the Ethereum layer-2 scaling solution ZKsync has accepted the project’s 10% bounty offer. The protocol recovered the stolen funds less than 10 days after the attack.
Hacker Returns 90% of Stolen Funds
In an X post, the ZKsync Association announced that the hacker has returned 90% of the stolen assets.
We’re pleased to share that the hacker has cooperated and returned the funds within the safe harbor deadline. As stated in the original Security Council message, the case is now considered resolved.
The assets are now in custody of the Security Council, and the decision on what… https://t.co/X0oejun9Tx
— ZK Nation (@TheZKNation) April 23, 2025
According to on-chain data, the hacker made three transfers to addresses controlled by the ZKsync Security Council on Wednesday. They transferred more than 44.6 million ZK tokens worth over $2.47 million and over 1,700 ETH worth approximately $3.2 million.
ZKsync Hacker Escapes Legal Consequences
On April 15, ZKsync suffered a security breach that affected its airdrop distribution contract. The attacker exploited a compromised admin key that managed the contract to mint 111 million unclaimed ZK tokens, worth $5 million at the time.
Six days later, the ZK Security Council sent an on-chain message to the hacker, offering a 10% bounty in exchange for returning 90% of the stolen funds within a 72-hour deadline.
The team specifically demanded that the hacker send 44,687,278.5988 ZK tokens and 1,021.3 ETH to the ZK Security Council’s address on the ZKsync Era blockchain, followed by another 766 ETH to the council’s Ethereum layer 1 address.
ZKsync pledged not to subject the stipulated addresses to transaction filtering within the safe harbor deadline. Additionally, the protocol vowed to “publicly confirm” and close the case without pursuing any legal action if the hacker returned the funds within the deadline.
However, ZKsync warned that it would involve law enforcement if the hacker failed to comply. Remarkably, the three transfers were completed within the 72-hour deadline.
Interestingly, the total amount recovered from the hacker was approximately $5.7 million, exceeding the original amount stolen from the protocol. Notably, this increase is due to the surge in the value of both ETH and ZK since the exploit.
The recovered assets are currently being held by the ZK Security Council and the team will determine what to do with them via a governance process. The protocol also stated that it would publish a final investigation report to provide more details on the hack.
In a similar case, the hacker behind the hack on the decentralized protocol KiloEx has returned 27% of the funds. Like ZKsync, the platform has urged the hacker to return 90% of the stolen funds to avoid facing legal consequences.
The post ZKsync Hacker Accepts 10% Bounty, Returns $5.7M in Stolen Funds appeared first on Cointab.