![](\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjUtMDQvMDE5NjNiMDktMTYzNi03NDE2LWI2YWQtMzBmOGYwNDk1NzQ1.jpg\")
\n <\/p>\n\n \n <\/p>\n
The attacker exploited an admin account tied to ZKsync\u2019s airdrop contracts, minting 111 million unclaimed tokens worth $5 million.<\/p>\n
A hacker compromised a ZKsync admin account on April 15, minting $5 million worth of unclaimed airdrop tokens, according<\/a> to a statement from the official ZKsync X account. The attack was described as isolated, with no user funds affected.<\/p>\n Following an investigation, ZKsync detailed<\/a> the incident on April 15, disclosing that the compromised account had administrative control over three airdrop distribution contracts. The attacker exploited a function called sweepUnclaimed() to mint 111 million unclaimed ZK tokens, increasing the total token supply by 0.45%. As of the latest update, the attacker still held control of most of the stolen funds.<\/p>\n Source: <\/em>ZKsync<\/em><\/a><\/p>\n Read more<\/p>\n<\/p>\n If you liked the article, do not forget to share it with your friends. Follow us on\u00a0Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n If you want to read more News<\/a> articles, you can visit our General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n\n