ZKsync Hit by $5 Million Theft: Important Lessons for DeFi Security!

Jakarta, Pintu News – The DeFi world was recently shocked by the news of the theft of $5 million from ZKsync, an Ethereum Layer-2 platform, through a compromised admin account.

The incident highlighted serious security loopholes in token distribution and sparked widespread discussion about the need for tighter safeguards in the DeFi ecosystem.

Incident Details

On April 15, ZKsync announced that there was a security breach involving the unauthorized use of admin wallets.

The attacker managed to utilize an entitled function in the airdrop distribution contract to mint approximately 111 million unclaimed ZK tokens, valued at approximately $5 million. This increased the circulating supply by 0.45%.

Read also: China Ready to Sell 15,000 Bitcoins, BTC Price Could Plummet?

According to ZKsync’s official statement on X (formerly Twitter), this exploit comes from a misuse of the ‘sweepUnclaimed()’ function, which has access to unallocated tokens from ongoing airdrop initiatives.

The market reacted quickly to this hack, with the value of the ZK token dropping over 13.7% in just 24 hours, from $0.046 to $0.039. Trading volume increased by 96% to $71 million, indicating massive selling and fear on decentralized exchanges.

Market Reaction and Damage Assessment

The financial loss incurred by this theft is significant, given the drop in token value and investor confidence.

The sharp drop in the price of the ZK token shows how quickly the market reacts to security incidents in the DeFi ecosystem. It also highlights the importance of transparency and quick response from the development team in the face of emergencies.

Moreover, the drastic increase in trading volume signals a level of panic among token holders, who seek to minimize their losses. This incident underscores the importance of having robust security protocols and effective response systems in place to manage crises in the DeFi ecosystem.

Broader Implications for DeFi Security

This incident shows that security is still a big challenge in the DeFi world, which is still evolving.

Read also: Ripple Whale Moves $273 Million XRP, Analyst Predicts Price to Plummet to $1.90!

The importance of extensive security audits and robust governance procedures is becoming increasingly crucial as the DeFi platform grows and is accepted by more users.

This incident should serve as a reminder for all players in the industry to continuously improve and update their security systems.

In addition, this incident also highlights the importance of having strong and protected administrative controls in place. Without these, the DeFi platform could easily become a target for attackers looking to exploit security holes for personal gain.

All in all, the theft incident at ZKsync is a stark warning to the entire DeFi industry about the importance of security and good stewardship. It shows that even seemingly secure platforms can be vulnerable to attacks if not equipped with adequate safeguards.

Going forward, it is important for all stakeholders in the DeFi ecosystem to take proactive measures to secure assets and ensure user trust.

That’s the latest information about crypto news today. Get more information about crypto academy from beginner to expert level only at Pintu Academy and enrich your knowledge about the world of crypto and blockchain.

Follow us on Google News to get the latest information about crypto and blockchain technology. Enjoy an easy and secure crypto trading experience by downloading Pintu Crypto via Google Play Store or App Store now.

Experience web trading with advanced trading tools such as pro charting, various order types, and portfolio tracker only at Pintu Pro. Click Register Pintu if you don’t have an account or click Login Pintu if you are already registered.

*Disclaimer

This content aims to enrich readers’ information. Pintu collects this information from various relevant sources and is not influenced by outside parties. Note that an asset’s past performance does not determine its projected future performance. Crypto trading activities have high risk and volatility, always do your own research and use cold cash before investing. All activities of buying and selling bitcoin and other crypto asset investments are the responsibility of the reader.

Reference:

• Coinfomania. Ethereum Layer 2 ZkSync Confirms $5 Million Theft via Compromised Airdrop Admin Account. Accessed on April 16, 2025
• Cointelegraph. ZkSync Hacker Steals $5M Airdrop Tokens. Accessed on April 16, 2025
• Crypto Potato. Ethereum Layer 2 ZkSync Airdrop Account Hacked for $5M. Accessed on April 16, 2025