Hackers Hijack ZKsync and Matter Labs X Accounts: Fake SEC Warnings and Phishing Airdrop Unleashed!

ZKsync Regains Control, But Questions Linger

Hold onto your hats, crypto fans! Hackers pulled off a wild stunt, seizing control of the official X accounts of ZKsync and developer Matter Labs. They went full-on chaos mode, blasting out fake SEC warnings and pushing a scammy phishing airdrop!

But wait, there's more! On May 13, the ZKsync crew dropped the bomb that they'd wrestled back control of both accounts. "We're back in the driver's seat," they declared, sounding like total bosses.

So, how'd the hackers pull this off? ZKsync's pointing fingers at some shady "compromised delegated accounts." They've been yeeted out of the picture, and all the nasty tweets? Gone, baby, gone. Now, the team's diving deep into an internal investigation to figure out just what the heck happened.

But hold up, things got even wilder. A ZKsync-affiliated dev account threw a wrench in the works, warning that the accounts might still be under enemy control. Talk about a plot twist! This has everyone wondering if the initial "we're back" statement was just a bit too premature.

Hackers Spread Panic with Fake SEC Claims

These hackers weren't messing around. They used the hijacked accounts to whip up a frenzy, claiming in a now-deleted post that ZKsync was in the SEC's crosshairs and that the Treasury Department was ready to drop the hammer. Talk about stirring the pot!

Harrison Leggio, co-founder of g8keep, wasn't buying it. He called out the move as a calculated play to tank ZKsync's token price. "Instead of dropping a token and stealing a few bucks, they decided to scare the living shit out of onchain degens," he blasted on X. Savage.

But the hackers weren't done yet. They followed up with another post, this time pushing a fake ZK token airdrop. The catch? A phishing link designed to drain your wallets faster than you can say "HODL." Thankfully, the ZKsync team swooped in and took down the post within minutes. Crisis averted? Maybe.

While we're still in the dark about how many folks fell for the scam, ZKsync hasn't spilled the beans on whether anyone got hit with losses.

ZKsync's Token Takes a Hit

At the time of writing, the ZK token was down over 5%, trading around $0.07. That's a pretty hefty dip, especially after a 2% nosedive right after the fake SEC warning hit the scene.

Back-to-Back Breaches Raise Eyebrows

This attack comes hot on the heels of another major security oopsie for ZKsync. Just last month, on April 15, some sneaky attacker exploited admin access to the platform's airdrop distribution contract and minted a whopping 111 million unclaimed ZK tokens. That's about $5 million, folks!

But here's the twist: the attacker played nice and returned 90% of the stolen tokens, keeping the other 10% as a self-declared "bounty." This went down during ZKsync's big airdrop party, where they were handing out 17.5% of their total token supply to the ecosystem.

Even though most of the funds made it back home, these back-to-back breaches have everyone side-eyeing ZKsync's internal security processes. It's like, come on, guys, tighten up that ship!