On April 15, 2025, ZKsync's admin wallet was compromised, resulting in the theft of approximately $5 million worth of ZK tokens.

This breach led to a significant market reaction, with ZK token prices dropping by 20% shortly after the incident.

Following the hack, the ZK token's value experienced a notable decline, falling by 13.7% within 24 hours.

In response to the incident, the ZKsync team assured users that all funds are safe and that they are conducting an ongoing investigation.

ZKsync confirmed that the attack was isolated to the airdrop contract and did not affect user funds or the broader protocol.

The team is also working with exchanges and a blockchain security firm to recover the stolen funds and has invited the attacker to negotiate a return.

On-chain data revealed that the attacker has already exchanged $3.5 million of the stolen tokens for Ethereum.

The attacker exploited a vulnerability in the airdrop distribution contracts, minting around 111 million unclaimed ZK tokens.

This incident has led to allegations of embezzlement against ZKsync's developers, resulting in a significant loss of community trust.

Despite the turmoil, trading volume for ZK tokens surged by 96%, reaching $71 million in the aftermath of the hack.

ZKsync plans to release a full post-mortem report after completing their internal reviews and recovery efforts.

Since reaching an all-time high in December 2024, ZKsync's token has faced a steady decline throughout 2025, with this incident marking a new low.