BTC
$107,604.91
-
0.49%
ETH
$2,459.10
+
0.28%
USDT
$1.0002
+
0.00%
XRP
$2.1763
-
0.65%
BNB
$653.35
+
0.49%
SOL
$149.87
-
1.20%
USDC
$0.9999
+
0.01%
TRX
$0.2771
+
0.88%
DOGE
$0.1638
-
0.21%
ADA
$0.5605
-
0.62%
HYPE
$39.81
+
2.46%
WBT
$45.76
-
3.27%
BCH
$491.61
-
0.31%
SUI
$2.7473
-
2.03%
LINK
$13.14
-
2.05%
LEO
$9.1361
+
0.03%
AVAX
$17.95
-
0.29%
XLM
$0.2353
-
1.33%
SHIB
$0.0₄1138
-
1.95%
LTC
$85.42
-
1.41%
Sign Up
Select Language
English enDeutsch deУкраїнська ukРусский ruFrançais frPortuguês pt-brItaliano itFilipino filNederlands nlEspañol es
Logo
Web3
Share this article

ZKSync Hacker Returns $5M in Stolen Tokens After Accepting 10% Bounty

The hacker cooperated with the ZKsync team and returned the funds within the “safe harbor” deadline while taking a 10% bounty..

By Francisco Rodrigues|Edited by Sheldon Reback
Updated Apr 24, 2025, 4:29 p.m. Published Apr 24, 2025, 8:04 a.m.
Glasses in front of monitors with code (Kevin Ku/Unsplash)
The ZKSync hacker returned tokens stolen from an admin wallet. (Kevin Ku/Unsplash)

What to know:

  • Nearly $5 million worth of stolen ZK tokens were returned after the hacker accepted a 10% bounty.
  • The hacker returned the funds within the “safe harbor” deadline.
  • The ZKsync Security Council will determine the fate of the recovered tokens.

ZKsync said $5 million worth of tokens stolen during an admin wallet hack last week have been returned and the case is now considered resolved.

The layer-2 blockchain protocol saw a hacker compromise its admin wallet, leading to the theft of unclaimed tokens from the ZKsync airdrop.

jwp-player-placeholder
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the The Protocol Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

In a post on X, the project said the hacker cooperated with the team and returned the funds within the “safe harbor” deadline — a grace period commonly offered in security incidents to incentivize returns without legal consequence. The cooperation means the hacker took a 10% bounty.

The tokens are now in custody of the ZKsync Security Council and a governance process will determine what to do with them. A final investigation report is being prepared and will be published when complete.

Zksync eraHack
Francisco Rodrigues

Francisco is a reporter for CoinDesk with a passion for cryptocurrencies and personal finance. Before joining CoinDesk he worked at major financial and crypto publications. He owns bitcoin, ether, solana, and PAXG above CoinDesk's $1,000 disclosure threshold.

Francisco Rodrigues