Hackers infiltrate ZKsync's X accounts, disseminating fraudulent SEC alerts and promoting a fake airdrop.
Navigating Another Hack: ZKsync's Troubled Journey
ZKsync, a popular blockchain project, has once again found itself embroiled in a cyberattack ordeal. In a series of events, hackers swiftly took over the official ZKsync and developer Matter Labs accounts on a popular social media platform. The main objective? To spread false SEC warning alerts and propel a phishing scheme.
The initial takeover, as revealed in an account update on May 13, seems to have occurred through compromised delegated accounts that have since been disconnected. All malicious tweets have been removed, and an internal investigation is currently underway.
However, a subsequent post from a ZKsync-associated developer account stirred fresh doubts about the security recovery process. The post urged users to stay vigilant and avoid interaction, hinting at potential lingering threats. This ambiguity has sparked concerns about the team's claim of complete account recovery at the time of the initial statement.
First, the hackers instilled panic using the hacked accounts. A now-erased post falsely claimed that ZKsync was under investigation by the U.S. Securities and Exchange Commission, potentially triggering a panic sell-off among investors.
Market analysts like Harrison Leggio, co-founder of g8keep, argued that the move was deliberately orchestrated to tank ZKsync's token price. In an X post following the attack, he stated, "Instead of dropping a token and stealing a few bucks, they decided to scare the living shit out of onchain degens."
Straight after the misleading post, the hackers advertised a fake ZK token airdrop, pitching a phishing link designed to empty users' wallets. Although the team managed to remove the post quickly, the damage might already have been done. ZKsync has yet to confirm whether any losses have been reported.
This recent attack follows close on the heels of another major security lapse that occurred less than a month ago. On April 15, an attacker exploited admin access to the platform's airdrop distribution contract, minting a whopping 111 million unclaimed ZK tokens, worth approximately $5 million at the time.
The opportunistic attacker eventually returned 90% of the stolen tokens, keeping the remaining 10% as a self-proclaimed bounty. This exploit surfaced during the ongoing distribution of 17.5% of ZK's total token supply to ecosystem participants. Despite the recovery of most funds, the consecutive breaches have raised red flags about ZKsync's internal security measures and processes.
- In a bid to empty users' wallets, the hackers promoted a fake ZK token airdrop following the misleading post claiming that ZKsync was under SEC investigation.
- The hackers' strategy, as suggested by market analyst Harrison Leggio, was to deliberately scare cryptocurrency investors with the false SEC warning to tank ZKsync's token price.
- The internal security measures and processes of ZKsync have come under scrutiny after the recent string of cyberattacks, including the compromise of delegated accounts and the exploitation of admin access to the platform's airdrop distribution contract.
- Despite the removal of the phishing post, concerns about cybersecurity and technology vulnerabilities within ZKsync persist due to the successive hacking incidents.