ZKsync recovers $5M of stolen tokens after hacker accepts bounty offer
The ZKsync Association recovered $5 million worth of stolen tokens from an April 15 security incident involving its airdrop distribution contract. The hacker returned 90% of the stolen tokens, totaling almost $5.7 million, after accepting a 10% bounty. Transfers occurred on April 23, including $2.47 million in ZK tokens and $1.83 million in Ether, with an additional 776 ETH worth nearly $1.4 million sent to the security council. The hack exploited the airdrop distribution contract's sweepUnclaimed() function, allowing the minting of 111 million unclaimed ZK tokens. The recovery amount exceeded the original theft due to market value increases. Despite the recovery, the ZK token's value decreased by 0.2% in the last 24 hours. ZKsync Era is an Ethereum layer 2 solution with nearly $59 million in total value locked and over $2 billion in real-world assets onchain. A final report on the security incident will be published by the ZKsync Association.
