Hackers recently gained unauthorized access to the official X accounts of ZKsync and developer Matter Labs, using the platforms to spread fake SEC warnings and promote a phishing airdrop. The breach, which likely occurred through compromised delegated accounts, has since been addressed, with the teams confirming that both accounts are now fully back under their control.
In a recent update from the main ZKsync account, the team mentioned that all malicious tweets have been removed, and an internal investigation is currently underway to determine the extent of the breach. However, a subsequent post from a ZKsync-affiliated developer account raised concerns that the accounts were still compromised, advising users to avoid interacting with them until further notice.
The hackers initially used the hacked accounts to instigate panic by falsely claiming that ZKsync was under investigation by the SEC and warning of potential sanctions from the Treasury Department. This misinformation was likely an attempt to manipulate ZKsync’s token price, as noted by market commentators like g8keep co-founder Harrison Leggio.
Subsequently, the attackers promoted a fake ZK token airdrop through a post that included a phishing link aimed at siphoning funds from unsuspecting users. While it is unclear how many users may have fallen victim to the scam, ZKsync has not confirmed any reported losses at this time.
Following the security incident, the value of ZK token experienced a decline of over 5%, trading at approximately $0.07 on CoinGecko. This drop followed an initial dip of around 2% immediately after the fake SEC warning circulated.
This breach comes on the heels of another significant security lapse for ZKsync, where an attacker exploited admin access to the platform’s airdrop distribution contract and minted 111 million unclaimed ZK tokens, valued at $5 million. Despite returning 90% of the stolen tokens and keeping the remaining 10% as a self-declared bounty, the incident has raised questions about the platform’s internal security protocols.
As ZKsync continues to address these security challenges, users are advised to exercise caution and remain vigilant against potential phishing attempts and fraudulent activities targeting the platform. Stay tuned for further updates as the investigation into the breach progresses.