Starknet (strk) 
The ZKsync team has issued a 72-hour ultimatum to the hackers responsible for a recent exploit, demanding the return of 90% of the stolen funds. Failure to comply will result in the team pursuing criminal liability. This announcement underscores the growing importance of security measures in the cryptocurrency space.
ZKsync Offers a 10% Bounty for Cooperation
In a bid to resolve the situation amicably, ZKsync extended an offer to the hackers through an on-chain message and an official statement. The team proposed, “To resolve this matter amicably in the spirit of safe harbor, we are offering a 10% bounty for your cooperation if you return 90% of the funds involved in the exploit.”
The exploit, which occurred on April 15, targeted ZKsyncβs admin wallet, leading to the theft of $5 million worth of ZK tokens. These funds were reportedly part of the unclaimed tokens from a previous ZKsync airdrop. Despite the breach, ZKsync assured users that all personal funds were safe, and the core protocol and ZK token contracts remained secure.
Details of the Ultimatum
The 72-hour ultimatum explicitly requires the hacker to return:
- 44,687,278.5988 ZK tokens to a designated ZKsync Era address.
- 1,021.3 Ethereum (ETH) and 766 ETH to specified Ethereum layer 1 and ZKsync Era addresses controlled by the ZKsync Security Council.
ZKsync clarified that funds sent to these addresses would not be subject to transaction filtering, which currently restricts transactions from the exploited wallets. The stolen assets must be returned to the designated addresses before the deadline for this resolution to take effect.
Potential Outcomes
If the hacker complies with the conditions, ZKsync has pledged to publicly confirm the resolution and close the case without pursuing further action. This approach reflects a growing trend in the cryptocurrency industry, where platforms negotiate with hackers to recover stolen assets while avoiding prolonged legal battles.
On the other hand, if the hacker fails to meet the deadline, ZKsync has stated it will escalate the matter by involving law enforcement agencies to recover the funds and hold the perpetrators accountable.
Security and Market Reactions
Despite the attack, ZKsync confirmed that its protocol remains secure, and user funds were never at risk. The announcement comes as the ZK token experiences a price rebound, signaling confidence among investors in the platformβs ability to manage the situation effectively.
This incident highlights the ongoing challenges faced by blockchain platforms in maintaining security and trust within the cryptocurrency ecosystem. It serves as a reminder for users and developers to prioritize robust security measures to safeguard assets in the volatile world of crypto.
Key Takeaways for Investors and Developers
- Prioritize security: Always use secure wallets and practice safe storage of private keys.
- Stay informed: Regularly monitor updates from platforms you invest in or use.
- Understand risks: Cryptocurrency investments come with inherent risks, including potential cyber threats.
The ZKsync teamβs swift response and transparency in handling the exploit demonstrate a commitment to upholding trust within the community. As the deadline approaches, the cryptocurrency world will watch closely to see whether the hacker complies with the ultimatum or faces legal repercussions.
