Hacker Returns $5.7 Million to ZKsync Protocol After Threatening to Call Police

The incident occurred on April 15. The hacker managed to gain access to the administrator account, which gave him the opportunity to exploit a vulnerability in one of the ZKsync contracts. With its help, he distributed unclaimed ZK tokens intended for the airdrop and stole 111 million tokens worth a total of about $5 million.

The developers immediately responded by offering the attacker a deal: return the assets within 72 hours and avoid legal consequences. In case of refusal, ZKsync planned to hand the case over to law enforcement. Since the hacker agreed to the terms and returned the assets, the incident was closed without further prosecution.

According to ZKsync, user funds were not affected, and the developers promised to publish a detailed report on the incident. They emphasized that the situation is under control and there were no risks to users due to the attack.

Interestingly, due to the rise in token prices after the attack, the nominal value of the returned assets turned out to be higher than the initially stolen amount. Since the incident, the ZK token has risen in price by 16.6%, and ETH by 8.8%. However, the return of assets did not support the long-term growth of the rate: over the past 24 hours, the ZK token has lost 3% of its value and is now trading at $0.05469. The market capitalization of ZK is $201 million.

Hacker attacks in the crypto space continue: recently, a similar incident occurred with the decentralized platform KiloEx, from which cryptocurrency worth $7.4 million was stolen. Subsequently, the attacker returned $1.4 million in USDT stablecoins to the project.