On April 15, 2025, ZKsync had an enormous security exploit. This event led to the unauthorized minting of 111 million ZK tokens (at the time, valued at approximately $5 million). The event raised emergency flags all across the incident, users of the entire cryptocurrency community, but particularly interested ZKsync users and investors of the whole ecosystem apocalypto. ZKsync has acknowledged the breach and is coordinating with SEAL 911 as well as several centralized exchanges to investigate the issue.
The breach meant that the hacker was able to mint ZK tokens without authorization using the airdrop distribution contract. Soon after the event, ZKsync issued an announcement. They assured their users that the core ZKsync protocol and the token contract were safe. None of our users’ funds were compromised in this breach.
The ZK token quickly filled the price gap, as traders recognized the long-term value of the project despite the hack. The token's value plummeted nearly 19% before it partially recovered, reflecting the market's immediate response to the security lapse.
ZKsync is currently undertaking their own investigation. Their focus is to understand how deep the breach goes and identify the loopholes that enabled the unauthorized minting. The company has pledged to release a comprehensive post-mortem report detailing the findings and outlining measures to prevent future incidents once the investigation concludes.
ZKsync has said that they are taking the breach in question seriously. To do so, they’ve teamed up with SEAL 911, a cybersecurity company specializing in the security of blockchain technology. Several major centralized exchanges increase the investigation’s breadth. They can assist in tracking how far the illegally minted tokens have already traveled.
