The Big Scoop: ZKsync's Bounty Bargain
Recovered $5.7 Million in Stolen Cryptocurrency by ZKsync Following Bounty Agreement Negotiations
Let's dish the deets on the recent stir in the crypto world! On April 15, ZKsync's airdrop distribution contract fell prey to a smart hack, resulting in the theft of around $5 million in ZK and ETH tokens. But, here's the twist – the hacker ended up aiding in the recovery of a whopping $5.7 million!
The Drama Unfolds
The cunning scoundrel who orchestrated the security breach by minting a staggering 111 million ZK tokens using a compromised admin key, agreed to accept a 10% bounty, returning a hefty 90% of the loot within 72 hours – now that's some quick thinking!
Communicating the Good News
The ZKsync Association officially announced the happy ending on April 23 via their social media channels, expressing their satisfaction and gratitude, "Laugh N' Learn! The hacker has done what we hoped: returned the funds within the safe harbor deadline!"
The Swap Story
Of the recovered funds, $2.47 million worth of ZK tokens and $1.83 million of Ether were sent to the ZKsync Security Council's Era address. An additional 776 ETH (approximately $1.4 million) was transferred to their Ethereum address.
The Inception of The Heist
Intriguingly, the security breach stemmed from a compromised admin account that allowed the attacker to manipulate the airdrop distribution contract's function. The exploit occurred during ZKsync's airdrop process, distributing 17.5% of ZK's token supply.
Restoring Order
To expedite the recovery process and avoid legal nonsense, ZKsync's Security Council presented a straightforward offer: return 90% of the stolen funds and keep 10% as a bounty, cleverly skirting lengthy court battles. The offer included specific wallet addresses for transferring the tokens across both the ZKsync Era network and Ethereum's mainnet.
Winding Down
Within the 72-hour window, the hacker followed these terms and transferred the funds smoothly. Dissolving any further action against the hacker, ZKsync confirmed that it would publish a comprehensive forensic report about the incident.
Fascinated by the intricate dance between cat and mouse in the crypto realm where projects willingly offer bounties rather than pursuing legal remedies? Well, strap in – this thrilling saga is far from over!
- The hacker, who unauthorizedly minted 111 million ZK tokens during the ZKsync airdrop, agreed to return 90% of the stolen funds in exchange for a 10% bounty.
- The recovery of the stolen funds worth about $5.7 million was possible due to the implementation of bounty mechanisms by ZKsync, avoiding lengthy court battles.
- The hacker's agreement to accept the bounty and return the majority of the stolen funds was aided by the technology used in ZKsync's airdrop distribution contract.
- The use of bounties as a recovery mechanism for unauthorized airdrops could become a trend in the Ethereum and other cryptocurrency networks, as it demonstrates the effectiveness of such technology in resolving security breaches.
