Hacker mints $5M in ZK tokens after compromising ZKsync admin account
0
0
The attacker exploited an admin account tied to ZKsync’s airdrop contracts, minting 111 million unclaimed tokens worth $5 million.
A hacker compromised a ZKsync admin account on April 15, minting $5 million worth of unclaimed airdrop tokens, according to a statement from the official ZKsync X account. The attack was described as isolated, with no user funds affected.
Following an investigation, ZKsync detailed the incident on April 15, disclosing that the compromised account had administrative control over three airdrop distribution contracts. The attacker exploited a function called sweepUnclaimed() to mint 111 million unclaimed ZK tokens, increasing the total token supply by 0.45%. As of the latest update, the attacker still held control of most of the stolen funds.
Source: ZKsync
0
0
Manage all your crypto, NFT and DeFi from one placeSecurely connect the portfolio you’re using to start.
1
0
0
0
0
0