ZK Nation has announced that its hacker has cooperated and returned the $5 million that were stolen from ZKsync within the specified timeframe. As stated in the original Security Advisory, the incident is now considered resolved.
ZKSync Recovers Stolen Funds
We’re pleased to share that the hacker has cooperated and returned the funds within the safe harbor deadline. As stated in the original Security Council message, the case is now considered resolved.
The assets are now in custody of the Security Council, and the decision on what… https://t.co/X0oejun9Tx
— ZK Nation (@TheZKNation) April 23, 2025
These assets are now held by the Security Advisory Committee, and the decision on how to handle these assets will be made by governance. The final investigation report is currently being prepared and will be released upon completion. Apparently, the hacker returned the funds within a 72-hour “safe harbor” window that was offered by the protocol’s Security Council.
The firm expressed its gratitude for the assistance , writing, “Thank you to @_SEAL_Org, @PatrickAlphaC, @pcaversaccio, @_hrkrshnn , ZKsync Security Council and ZKsync Guardians for their support.”
The announcement follows after, on April 15, a security breach led to the unauthorized creation of approximately 111 million ZK tokens, worth around $5 million at the time, due to a compromised admin key.
The hackers particularly targeted ZKSync’s airdrop distribution contracts, and left the main protocol, governance systems, and the ZK token contract unaffected.
The attacker managed to evade standard token allocation procedures and claimed tokens left unclaimed from the project’s initial distribution round. Blockchain records has revealed that nearly $3.5 million of the stolen tokens were converted to Ethereum.
ZKSync reassured users that no customer assets or core infrastructure were impacted by the incident.
Thus, to resolve the situation without resorting to legal channels, ZKSync’s Security Council issued an on-chain message proposing a 10% bounty if the attacker returned 90% of the stolen funds.
The proposal outlined specific wallet addresses for returning the ZK and Ethereum tokens via both the ZKSync Era network and Ethereum mainnet.
The agreement was dependent on full repayment by a set deadline. ZKSync has since confirmed that the stolen assets were recovered successfully and stated it will not pursue further action against the individual responsible.
In response to the announcement, ZKSync is currently trading at $0.05510, reflecting a 2.02% decline over the past 24 hours. Trading volume during the same period has reached $30.87 million, while the overall market capitalization has decreased to $202.57 million.
Also Read: Emblem Vault CEO Hit By Zoom Phishing Crypto Attack, Over $100K Crypto Lost
