05-13-2025, 06:00 PM
News ZKsync X hacker posts false SEC probe in apparent effort to crash token
<p style="float:right; margin:0 0 10px 15px; width:240px;"><img src="https://images.cointelegraph.com/images/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjUtMDUvMDE5NmM3MmYtYzc0MC03Njc3LTg1NTctZjZkMGNlMTg2Y2Ni.jpg"></p><p><p style="float:right; margin:0 0 10px 15px; width:240px;"><img src="https://images.cointelegraph.com/images/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjUtMDUvMDE5NmM3MmYtYzc0MC03Njc3LTg1NTctZjZkMGNlMTg2Y2Ni.jpg" alt="ZKsync X hacker posts false SEC probe in apparent effort to crash token"></p><p>The X account of the Ethereum layer 2 network ZKsync and its developer Matter Labs were compromised early on May 13, with hackers falsely claiming the network was being probed by US authorities, among other scam messages. <p>A ZKsync-related X account <a data-ct-non-breakable="null" href="https://x.com/zkSyncDevs/status/1922085897509732721" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/zkSyncDevs/status/1922085897509732721">posted</a> on May 13, confirming the accounts for ZKsync and Matter Labs were compromised, warning users not to interact after the accounts shared links to a fake airdrop in an apparent phishing scam.</p><figure><img alt="ZKsync X hacker posts false SEC probe in apparent effort to crash token" src="https://s3.cointelegraph.com/uploads/2025-05/0196c72d-7dfb-7776-bc87-19b431a669fb" title=""><figcaption style="text-align: center;"><em>Other X users had warned the ZKsync X account was compromised. Source: </em><a data-ct-non-breakable="null" href="https://x.com/pseudotheos/status/1922078376539390213" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/pseudotheos/status/1922078376539390213"><em>pseudo</em></a></figcaption></figure><p>The hacked ZKsync and Matter Labs then <a data-ct-non-breakable="null" href="https://x.com/zksync/status/1922088665762730402" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/zksync/status/1922088665762730402">both</a> <a data-ct-non-breakable="null" href="https://x.com/the_matter_labs/status/1922088712512454891" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/the_matter_labs/status/1922088712512454891">posted</a> a fake statement claiming ZKsync was under investigation by the US Securities and Exchange Commission and that the Treasury Department could impose sanctions on the platform.</p><p>Matter Labs communications head Lynnette Nolan confirmed to Cointelegraph that the now-deleted X post “is not legit” and both accounts are now “fully back in the control of the team.”</p><p>“Shoutout to the zksync hackers. Instead of dropping a token and stealing a few bucks they decided to scare the living shit out of onchain degens,” crypto startup g8keep co-founder Harrison Leggio, who goes by “Pop Punk,” <a data-ct-non-breakable="null" href="https://x.com/PopPunkOnChain/status/1922091384736997862" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/PopPunkOnChain/status/1922091384736997862">posted</a> to X.</p><figure><img alt="ZKsync X hacker posts false SEC probe in apparent effort to crash token" src="https://s3.cointelegraph.com/uploads/2025-05/0196c734-e1d6-77fe-90fd-c1cb41ba8640" title=""><figcaption style="text-align: center;"><em>Source: </em><a data-ct-non-breakable="null" href="https://x.com/PopPunkOnChain/status/1922091384736997862" rel="null" target="null" text="null" title="https://x.com/PopPunkOnChain/status/1922091384736997862"><em>Harrison Leggio</em></a></figcaption></figure><p>The fake statement was seemingly aimed at crashing the price of the platform’s self-titled token, ZKsync (<a data-ct-non-breakable="null" href="https://cointelegraph.com/zksync-price-index" rel="" target="_self" text="null" title="https://cointelegraph.com/zksync-price-index">ZK</a>), which has fallen around 2% in the last hour amid the X account breach, <a data-ct-non-breakable="null" href="https://www.coingecko.com/en/coins/zksync" rel="nofollow noopener" target="_blank" text="null" title="https://www.coingecko.com/en/coins/zksync">according</a> to CoinGecko.</p><p>The SEC has investigated crypto companies in the past, and many of these firms have chosen to publicly disclose when they’ve been investigated by the regulator.</p><p>The SEC has stopped <a data-ct-non-breakable="null" href="https://cointelegraph.com/magazine/sec-crypto-laws-unclear/" rel="" target="_self" text="null" title="https://cointelegraph.com/magazine/sec-crypto-laws-unclear/">many of its probes</a> under the Trump administration, with Crypto.com, Immutable, OpenSea and RobinHood Crypto, among others, confirming the agency had ended investigations.</p><p>ZK is down 6.4% over the last day to trade at around 7 cents, cooling from a nearly 38.5% rally it’s enjoyed over the past week.</p><p><em><strong>Related: </strong></em><a data-ct-non-breakable="null" href="https://cointelegraph.com/news/sec-hacker-eric-council-sentencing-recommendation" rel="null" target="null" text="null" title="null"><em><strong>US prosecutors want 2 years for SEC X account hacker</strong></em></a></p><p>Matter Labs’ Nolan said the firm was looking into how the X accounts were breached, and believed it was via “compromised delegated accounts,” which allow users limited access to an X account, allowing them to post on its behalf. </p><h2>Two hacks in as many months</h2><p>It’s the second compromise of ZKsync-controlled platforms since April. </p><p>On April 15, an attacker breached the admin account of ZKsync’s airdrop distribution contract and used a function to mint 111 million unclaimed ZK tokens, worth approximately $5 million at the time.</p><p>The hack happened amid the platform handing out 17.5% of ZK’s supply to ecosystem participants.</p><p>The attacker later <a data-ct-non-breakable="null" href="https://cointelegraph.com/news/zk-sync-recovers-5-million-stolen-tokens-hacker-accepts-bounty" rel="" target="_self" text="null" title="https://cointelegraph.com/news/zk-sync-recovers-5-million-stolen-tokens-hacker-accepts-bounty">returned 90% of the stolen tokens</a>, agreeing to keep 10% as a bounty.</p><p><em><strong>Magazine: </strong></em><a data-ct-non-breakable="null" href="https://cointelegraph.com/magazine/bitcoinos-starknet-adding-smart-contracts-bitcoin-zk-proofs/" rel="null" target="null" text="null" title="null"><em><strong>ZK-proofs are bringing smart contracts to Bitcoin — BitcoinOS and Starknet</strong></em></a></p><template data-name="subscription_form" data-type="markets_outlook" label="Subscription Form: Markets Outlook"></template></p>
</p>
https://cointelegraph.com/news/zksync-x-...er_inbound
<p style="float:right; margin:0 0 10px 15px; width:240px;"><img src="https://images.cointelegraph.com/images/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjUtMDUvMDE5NmM3MmYtYzc0MC03Njc3LTg1NTctZjZkMGNlMTg2Y2Ni.jpg"></p><p><p style="float:right; margin:0 0 10px 15px; width:240px;"><img src="https://images.cointelegraph.com/images/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjUtMDUvMDE5NmM3MmYtYzc0MC03Njc3LTg1NTctZjZkMGNlMTg2Y2Ni.jpg" alt="ZKsync X hacker posts false SEC probe in apparent effort to crash token"></p><p>The X account of the Ethereum layer 2 network ZKsync and its developer Matter Labs were compromised early on May 13, with hackers falsely claiming the network was being probed by US authorities, among other scam messages. <p>A ZKsync-related X account <a data-ct-non-breakable="null" href="https://x.com/zkSyncDevs/status/1922085897509732721" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/zkSyncDevs/status/1922085897509732721">posted</a> on May 13, confirming the accounts for ZKsync and Matter Labs were compromised, warning users not to interact after the accounts shared links to a fake airdrop in an apparent phishing scam.</p><figure><img alt="ZKsync X hacker posts false SEC probe in apparent effort to crash token" src="https://s3.cointelegraph.com/uploads/2025-05/0196c72d-7dfb-7776-bc87-19b431a669fb" title=""><figcaption style="text-align: center;"><em>Other X users had warned the ZKsync X account was compromised. Source: </em><a data-ct-non-breakable="null" href="https://x.com/pseudotheos/status/1922078376539390213" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/pseudotheos/status/1922078376539390213"><em>pseudo</em></a></figcaption></figure><p>The hacked ZKsync and Matter Labs then <a data-ct-non-breakable="null" href="https://x.com/zksync/status/1922088665762730402" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/zksync/status/1922088665762730402">both</a> <a data-ct-non-breakable="null" href="https://x.com/the_matter_labs/status/1922088712512454891" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/the_matter_labs/status/1922088712512454891">posted</a> a fake statement claiming ZKsync was under investigation by the US Securities and Exchange Commission and that the Treasury Department could impose sanctions on the platform.</p><p>Matter Labs communications head Lynnette Nolan confirmed to Cointelegraph that the now-deleted X post “is not legit” and both accounts are now “fully back in the control of the team.”</p><p>“Shoutout to the zksync hackers. Instead of dropping a token and stealing a few bucks they decided to scare the living shit out of onchain degens,” crypto startup g8keep co-founder Harrison Leggio, who goes by “Pop Punk,” <a data-ct-non-breakable="null" href="https://x.com/PopPunkOnChain/status/1922091384736997862" rel="nofollow noopener" target="_blank" text="null" title="https://x.com/PopPunkOnChain/status/1922091384736997862">posted</a> to X.</p><figure><img alt="ZKsync X hacker posts false SEC probe in apparent effort to crash token" src="https://s3.cointelegraph.com/uploads/2025-05/0196c734-e1d6-77fe-90fd-c1cb41ba8640" title=""><figcaption style="text-align: center;"><em>Source: </em><a data-ct-non-breakable="null" href="https://x.com/PopPunkOnChain/status/1922091384736997862" rel="null" target="null" text="null" title="https://x.com/PopPunkOnChain/status/1922091384736997862"><em>Harrison Leggio</em></a></figcaption></figure><p>The fake statement was seemingly aimed at crashing the price of the platform’s self-titled token, ZKsync (<a data-ct-non-breakable="null" href="https://cointelegraph.com/zksync-price-index" rel="" target="_self" text="null" title="https://cointelegraph.com/zksync-price-index">ZK</a>), which has fallen around 2% in the last hour amid the X account breach, <a data-ct-non-breakable="null" href="https://www.coingecko.com/en/coins/zksync" rel="nofollow noopener" target="_blank" text="null" title="https://www.coingecko.com/en/coins/zksync">according</a> to CoinGecko.</p><p>The SEC has investigated crypto companies in the past, and many of these firms have chosen to publicly disclose when they’ve been investigated by the regulator.</p><p>The SEC has stopped <a data-ct-non-breakable="null" href="https://cointelegraph.com/magazine/sec-crypto-laws-unclear/" rel="" target="_self" text="null" title="https://cointelegraph.com/magazine/sec-crypto-laws-unclear/">many of its probes</a> under the Trump administration, with Crypto.com, Immutable, OpenSea and RobinHood Crypto, among others, confirming the agency had ended investigations.</p><p>ZK is down 6.4% over the last day to trade at around 7 cents, cooling from a nearly 38.5% rally it’s enjoyed over the past week.</p><p><em><strong>Related: </strong></em><a data-ct-non-breakable="null" href="https://cointelegraph.com/news/sec-hacker-eric-council-sentencing-recommendation" rel="null" target="null" text="null" title="null"><em><strong>US prosecutors want 2 years for SEC X account hacker</strong></em></a></p><p>Matter Labs’ Nolan said the firm was looking into how the X accounts were breached, and believed it was via “compromised delegated accounts,” which allow users limited access to an X account, allowing them to post on its behalf. </p><h2>Two hacks in as many months</h2><p>It’s the second compromise of ZKsync-controlled platforms since April. </p><p>On April 15, an attacker breached the admin account of ZKsync’s airdrop distribution contract and used a function to mint 111 million unclaimed ZK tokens, worth approximately $5 million at the time.</p><p>The hack happened amid the platform handing out 17.5% of ZK’s supply to ecosystem participants.</p><p>The attacker later <a data-ct-non-breakable="null" href="https://cointelegraph.com/news/zk-sync-recovers-5-million-stolen-tokens-hacker-accepts-bounty" rel="" target="_self" text="null" title="https://cointelegraph.com/news/zk-sync-recovers-5-million-stolen-tokens-hacker-accepts-bounty">returned 90% of the stolen tokens</a>, agreeing to keep 10% as a bounty.</p><p><em><strong>Magazine: </strong></em><a data-ct-non-breakable="null" href="https://cointelegraph.com/magazine/bitcoinos-starknet-adding-smart-contracts-bitcoin-zk-proofs/" rel="null" target="null" text="null" title="null"><em><strong>ZK-proofs are bringing smart contracts to Bitcoin — BitcoinOS and Starknet</strong></em></a></p><template data-name="subscription_form" data-type="markets_outlook" label="Subscription Form: Markets Outlook"></template></p>
</p>
https://cointelegraph.com/news/zksync-x-...er_inbound