In a concerning development, ZKsync’s security team has confirmed that an admin account tied to the platform’s recent token airdrop was compromised, resulting in the unauthorized withdrawal of approximately $5 million worth of ZK tokens. The stolen tokens were part of the unclaimed reserves from the ZKsync airdrop campaign.
The breach has been described as an isolated incident, stemming from a compromised private key linked to the airdrop contract. ZKsync clarified that the issue is limited solely to the airdrop distribution system and does not affect the core protocol or the main ZK token contract. The security team is actively investigating the breach to determine the full scope and root cause of the incident.
According to an official statement from ZKsync, “All user funds remain safe and have never been at risk. The ZKsync protocol and ZK token contract continue to operate securely, and no additional ZK tokens are at risk.”
Despite these reassurances, the news triggered a sharp market reaction. The price of ZK token plunged more than 10%, reflecting shaken investor confidence. As of the time of writing, ZK is trading at $0.044 — marking a 13.72% drop over the last 24 hours.
ZK is currently ranked as the 200th largest cryptocurrency by market capitalisation, with a total valuation standing at approximately $164 million.
As the investigation unfolds, the community awaits further updates from the ZKsync team regarding potential recovery efforts and additional security measures.
