
Key Points
- ZKsync Token Falters After Hacker Returns $5.7M
- ZKsync Security Council offered a 10% bounty for cooperation
- Despite recovery, ZK token price continues to dip by nearly 2%
- Community remains skeptical, suspecting internal asset dumping
On April 15, Ethereum Layer-2 project ZKsync was hit with a major exploit involving approximately $6.3 million in assets. In a surprising yet familiar move, the hacker behind the breach agreed to return 90% of the stolen funds in exchange for a 10% bounty, amounting to about $5.7 million sent back to the ZKsync Security Council.
Despite this seemingly positive resolution, the ZKsync token remains under selling pressure. Over the past 24 hours, its price dipped by nearly 2%, continuing a downward trend that began with the initial exploit, which had triggered a sharp 16% drop. As of now, the token trades at around $0.06.
The $ZK @zksync team has released 110 million tokens and sold 66 million.
The price of $ZK is going against the trend as the market is recovering, and it has immediately dropped by 15%.
First $OM, now #ZK — this project seems to be heading in the wrong direction. pic.twitter.com/WeoFKFUNzV
— AZC.News (@AZCNews) April 15, 2025
The bounty offer was made public via a post on X (formerly Twitter) on April 21, where the ZKsync Security Council granted a 72-hour safe harbor period for the hacker to cooperate. The proposal was clear: return 90% of the funds, and keep 10% as a reward.
Following this, the hacker completed three key transactions:
- $1.83 million in ETH sent to the ZKsync Era address
- $2.47 million in ZK tokens also transferred on ZKsync Era
- 776 ETH (about $1.4 million) sent to ZKsync’s Ethereum address
The swift and orderly execution of the bounty terms led to the ZKsync Association declaring the matter resolved, with no further legal action planned. A full post-mortem report is expected soon.
We’re pleased to share that the hacker has cooperated and returned the funds within the safe harbor deadline. As stated in the original Security Council message, the case is now considered resolved.
The assets are now in custody of the Security Council, and the decision on what… https://t.co/X0oejun9Tx
— ZK Nation (@TheZKNation) April 23, 2025
This approach mirrors past incidents like the Ronin Bridge hack, where hackers returned stolen funds in exchange for a partial bounty. It’s part of a growing trend in crypto: security councils and foundations using bounty systems to recover lost assets without resorting to prolonged legal fights.
A message from ZKsync Security Council to the Hacker:
To resolve this matter amicably in the spirit of safe harbor, we are offering a 10% bounty for your cooperation if you return 90% of the funds involved in the exploit. Specifically:
1⃣ Sending 44,687,278.5988 ZK tokens to…
— ZK Nation (@TheZKNation) April 21, 2025
Bearish sentiment persists despite fund recovery
The return of funds didn’t boost investor sentiment. Instead, the ZKsync token continued to slip, raising questions about the project’s long-term stability and governance.
Some community members expressed deep concern even before the exploit was resolved. On-chain data pointed to what appeared to be massive token dumps by the ZKsync team. Allegedly, 110 million tokens were released, and 66 million were sold, just as ZK was already under pressure. Critics drew parallels to the Mantra (OM) controversy, where a similar sell-off followed a breach.
Transfers made through the ZKsync Era blockchain. Source: explorer.zksync.io – Techtoken
One user posted, “First OM, now ZK—this project seems to be heading in the wrong direction.”
The accusations, though unconfirmed, have stoked speculation about insider behavior and poor token management. And in crypto, perception often drives price as much as fundamentals.
ZKsync now faces an uphill battle—not just in regaining technical security, but in restoring community trust. Even with the hacker’s cooperation and the majority of funds returned, the optics of the incident, combined with the token’s performance, have created a PR crisis.
Other ecosystems are taking lessons from such incidents. Exchanges like Bybit recently introduced bounty programs promising up to 10% rewards for recovered assets, aiming to attract white-hat hackers. Cardano’s Charles Hoskinson even put out a $1 million bounty to test the resilience of its Lace Paper Wallet. Meanwhile, Uniswap announced a massive $15.5 million bug bounty for its v4 contracts.
These examples highlight a shift in how the crypto industry handles breaches—moving from reactive damage control to proactive risk management. But ZKsync’s current situation also proves one thing clearly: recovering funds isn’t always enough to fix a broken market narrative.
Token volatility is growing across crypto
ZKsync isn’t the only project facing heat. A growing number of tokens are seeing massive swings due to a mix of hacks, hype cycles, and shifting investor sentiment.
Just recently, the KiloEx token dropped over 5% following questions around its liquidity pool health and broader market instability. Similarly, ZachXBT slammed Zora’s content coins as nothing more than hollow hype, sparking controversy across Web3 communities.
On the flip side, Bitcoin has seen upward momentum as major macro events unfold. Trump’s comments easing tensions with the Fed gave the top crypto a solid boost. Meanwhile, institutions are pushing back into the space, with interest rising in options like the Bitcoin investment fund, suggesting a long-term bullish case for established assets.
The contrast is clear—while leading coins benefit from institutional backing and political influence, emerging tokens like ZKsync are often more vulnerable to sentiment-driven moves. That’s why regulatory developments are also playing a big role. With voices like Paul Atkins, former SEC Chairman, calling for a more innovation-friendly regulatory approach, the next few months could be critical for the entire Layer-2 and DeFi ecosystem.