ZKSync Hacked: $5m Stolen In Airdrop Breach, As ZK Price Falls

A security incident has struck the ZKSync ecosystem, leading to the unauthorized withdrawal of around $5million in ZK tokens. The exploit stemmed from a compromised admin wallet tied to the ZK token airdrop contract.

While significant in monetary terms, the breach did not affect the ZKSync protocol itself. In a public update, the team confirmed that user funds remain safe and that core smart contracts, including the ZK token contract, were not impacted.

Breach confined to airdrop contract; Protocol unaffected

According to the ZKSync team, the exploit occurred due to a compromised private key associated with the airdrop contract’s admin wallet. The attacker was able to drain unclaimed ZK tokens meant for future distribution.

“All user funds are safe and have never been at risk,” the team has stated. “The ZKSync protocol and ZK token contract remained secure, and no further ZK is at risk.”

A full incident report is expected to be released within the day. In the meantime, the team is conducting a deeper investigation into the origin of the breach and reviewing internal key management protocols.

ZK token price dips amid fallout

Although it might be a general market trend, the ZK token price took a hit following news of the breach.

As of press time, ZK traded at $0.046, reflecting a 5.42% decline in the last 24 hours. The Relative Strength Index (RSI) was 30.46, hovering near oversold territory, an indication that selling pressure may be peaking.

Volume has also spiked, signaling panic-driven exits and short-term uncertainty among retail traders. With ZK already down more than 80% from its 2025 highs above $0.25, the latest dip adds to a prolonged downtrend.

The token’s poor price performance now combines broader market weakness with project-specific concerns, further complicating its near-term recovery prospects.

ZKSync Era remains structurally intact

Despite the hack, the ZKSync Era network continues to function normally. The platform currently secures approximately $513m in Total Value Secured (TVS), representing 2.88% of all Layer-2 network TVS, according to L2Beat.

This positions ZKSync Era among the top Ethereum rollups in terms of network value and adoption. The fact that this metric remains steady suggests that developers and users still have long-term confidence in the protocol’s scalability and utility, even if token-related sentiment has temporarily weakened.

What’s next?

With the breach confined to the airdrop contract and no wider compromise of user funds, the long-term damage to ZKSync’s credibility may be limited. Still, the incident serves as a high-stakes reminder of the importance of securing admin wallets, especially those connected to token contracts and community distribution programs.

The market will now turn its attention to the promised full post-mortem report, which is expected to detail how the compromise occurred and what preventive steps are being taken.

In the meantime, ZK’s price may remain under pressure, particularly if confidence in the airdrop process continues to erode. The protocol remains intact for now, but sentiment will likely depend on the clarity and transparency of ZKSync’s response.