Hackers targeting Ethereum scaling protocol ZKsync stole about $5 million of its native ZK crypto because of "a compromised" administrative account that allowed them to take control of unclaimed tokens from a recent airdrop, the project said Tuesday. 

The project’s native ZK token plunged on the news, dropping to nearly $0.04, according to crypto data provider CoinGecko. The token has since recovered slightly, and is now trading for nearly $0.05—an 8% decline over 24 hours. 

ZKsync is one of many “layer-2s”—blockchains that aim to speed up using the Ethereum crypto network. Such networks skirt around using the mainnet to cut costs. 

ZKsync said Tuesday on X: “All user funds are safe and have never been at risk. The ZKsync protocol and ZK token contract remained secure, and no further ZK is at risk.”

It added that hackers were able to mint new ZK tokens by targeting the tech behind the project’s airdrop. In the crypto world, would-be investors that show interest in an upcoming project are gifted tokens in airdrops. 

“This is an isolated incident caused by a compromised key and confined to the ZK Token airdrop contract,” ZKsync added. “The investigation is ongoing, and a detailed update will be shared later today.”

ZKsync did not immediately respond to Decrypt’s questions. 

Hacks in the crypto space are common, especially in the fast-moving world of decentralized applications. Such apps—often built upon Ethereum—use code to automate processes, like borrowing and earning yield with digital coins and tokens. 

Hackers this year have already made away with a fortune after cybercriminals in February stole $1.4 billion from major centralized crypto exchange Bybit—the biggest crypto hack of all time. A large amount of those funds were sold on decentralized exchanges.

In the first two months of 2025, hackers stole nearly $1.6 billion in crypto, according to blockchain security firm Immunefi, which isn’t too far off last year’s total of $2.2 billion. 

Previously, many incidents would involve decentralized protocols, but last year, hackers went after centralized exchanges, too. 

Edited by James Rubin

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.