Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

On May 13th, the X (formerly Twitter) accounts of the Ethereum layer-2 network ZKsync and its developer, Matter Labs, were compromised in a sophisticated phishing attack. Hackers disseminated false claims that the network was under investigation by US authorities, including the SEC and Treasury Department, potentially leading to sanctions. These claims were designed to manipulate market sentiment and crash the price of the ZKsync (ZK) token.
The fraudulent messages included links to a fake airdrop, a common tactic to steal cryptocurrency. The compromised accounts were quickly identified by other X users and subsequently confirmed as compromised by an official ZKsync account. Matter Labs’ communications head, Lynnette Nolan, confirmed the illegitimate nature of the posts and reassured users that the accounts were restored to the team’s control.
Interestingly, the attack was noted by some as surprisingly inept, focusing on market manipulation rather than direct token theft. Despite the disruption, the price of ZK only experienced a minor dip of around 2% immediately following the incident, recovering somewhat. However, the token has still seen a larger drop over the past 24 hours, down approximately 6.4% to around $0.07. This follows a recent significant rally of almost 38.5% in the preceding week.
The incident marks the second security breach for ZKsync-related platforms in as many months. In April, an attacker exploited a vulnerability in ZKsync’s airdrop distribution contract, minting 111 million unclaimed ZK tokens ($5 million at the time). While the majority (90%) of these tokens were eventually returned, the incident highlights ongoing security concerns within the ZKsync ecosystem.
Matter Labs is investigating the cause of the X account breach, suspecting compromised delegated accounts allowed limited access for malicious posting. The events underscore the vulnerability of social media platforms to targeted attacks and the importance of robust security measures in the cryptocurrency space. The SEC’s past investigations of crypto companies, some of which were eventually dropped, provide a relevant backdrop to the false claims made during the attack.