ZKsync announces reason for hacking incident: illegal minting of ZK tokens from airdrop contracts

On April 25th, according to official sources, ZKsync announced that on April 13th, a hacker illegally minted 110 million ZK tokens, approximately $5 million, from the Merkle distribution contract airdropped by ZKsync in June 2024 through a stolen administrator account. The Matter Labs team confirmed the scope of the incident on April 15th and launched an investigation with the ZKsync Association and Foundation. This incident only involves three specific airdrop contracts, and all tokens have been minted and cannot be further utilized through the administrator key. On April 23rd, after the ZKsync Security Committee proposed the "Safe Harbor" plan, hackers returned all funds. The funds are currently managed by the Security Committee, and the specific handling method will be determined by community governance.