
ZKsync’s Airdrop Security Breach Unveils $5 Million Exploit

A compromised administrative account within ZKsync’s infrastructure has been identified as the source of an exploit that diverted approximately $5 million worth of unclaimed ZK tokens from the platform’s airdrop contract. The breach, attributed to a compromised private key, was confined to the token airdrop mechanism, according to the project’s security team. An investigation into the incident remains ongoing.

The vulnerability was exploited during the initial phase of ZKsync’s token distribution, which aimed to allocate 17.5% of its total 21 billion ZK token supply to eligible users. The airdrop, intended to reward early adopters and contributors, has been marred by criticisms over its susceptibility to Sybil attacks—a method where an individual creates multiple wallets to illegitimately claim tokens. Reports indicate that one user managed to generate over 21,000 wallets to exploit the airdrop, highlighting significant flaws in the platform’s anti-Sybil measures.

Industry experts have voiced concerns regarding the airdrop’s design. Mudit Gupta, Chief Information Security Officer at Polygon, described the event as potentially the most “farmed” airdrop to date, citing a lack of effective Sybil filtering. Similarly, Adam Cochran of Cinneamhain Ventures criticized the eligibility criteria, suggesting they were easily manipulated by automated scripts, thereby disadvantaging genuine users.


The airdrop’s execution has also been scrutinized for its distribution methodology. Despite the intention to decentralize token ownership, data reveals that a significant portion of the tokens was claimed by a small group of wallets. Approximately 41% of the top recipient wallets have already liquidated their entire allocations, contributing to a 34.5% decline in the token’s value shortly after its launch.

Compounding the situation, the airdrop’s announcement and subsequent distribution were accompanied by a surge in phishing scams and malicious decentralized applications. These fraudulent entities impersonated official ZKsync channels, luring unsuspecting users into compromising their wallets. Security firm Blockaid reported a fivefold increase in malicious dApp activity targeting ZKsync users during this period.

Arabian Post – Crypto News Network

