Hackers Compromise ZKsync and Matter Labs Accounts, Spread Phishing Scams

Hackers recently targeted the official X accounts of ZKsync and its developer, Matter Labs, to disseminate fake SEC warnings and promote a phishing airdrop. The attack has raised significant concerns about the platform’s security protocols.

Accounts Regained, But Questions Linger

On May 13, ZKsync announced that both accounts were “fully back in the control of the team.” According to the update, the breach likely occurred through compromised delegated accounts, which have since been disconnected. All malicious posts were promptly deleted, and an internal investigation is currently underway to determine the exact cause of the hack.

However, a later update from a ZKsync-affiliated developer account contradicted this statement, warning users that the accounts might still be compromised. This has led to further concerns about whether the recovery was fully successful.

Hackers’ Strategy: Misinformation and Phishing

The hackers initially used the compromised accounts to spread panic by falsely claiming that ZKsync was under investigation by the U.S. Securities and Exchange Commission (SEC) and could face sanctions from the Treasury Department. This misinformation appeared to be a calculated move to manipulate market sentiment and potentially impact the token price.

Shortly after, the attackers posted about a fake ZK token airdrop, including a phishing link designed to steal funds from users’ wallets. Although the malicious post was quickly removed, it’s unclear how many users may have interacted with the link. As of now, ZKsync has not confirmed whether any funds were lost in the incident.

Market Impact of the Attack

The attack had an immediate effect on ZKsync’s token price. At the time of writing, the ZK token is trading at approximately $0.07, marking a decline of over 5% following the incident. This drop includes an initial 2% dip that occurred shortly after the fake SEC warning was posted.

Recurring Security Concerns

This breach is not the first security issue ZKsync has faced recently. Less than a month ago, on April 15, an attacker exploited admin access to the platform’s airdrop distribution contract, minting 111 million unclaimed ZK tokens worth around $5 million at the time. While the attacker returned 90% of the stolen funds, keeping the remaining 10% as a self-declared bounty, the incident highlighted vulnerabilities in the platform’s security infrastructure.

The back-to-back breaches have raised questions about ZKsync’s internal security measures and its ability to protect user assets and maintain trust within the cryptocurrency community.

Key Takeaways for Users

These events serve as a crucial reminder for investors and cryptocurrency enthusiasts to exercise caution when interacting with online platforms. Here are some tips to protect yourself:

  • Double-check official announcements: Always verify updates directly from trusted sources before taking action.
  • Avoid clicking suspicious links: Be wary of links promoting airdrops or other offers, especially if they appear on recently hacked accounts.
  • Enable two-factor authentication (2FA): Secure your accounts by enabling 2FA wherever possible.
  • Use hardware wallets: Store significant amounts of cryptocurrency in hardware wallets to reduce exposure to online threats.

As the cryptocurrency space continues to grow, maintaining personal security and staying informed about platform vulnerabilities remain essential for all participants.