The official X accounts of the Ethereum scaling solution ZKsync and its developer, Matter Labs, were compromised in an attack that combined market manipulation tactics with phishing attempts. The hackers published fake regulatory warnings and malicious airdrop links in what appears to be a deliberate attempt to crash the ZK token price. This hack is the second significant security incident for the protocol in less than a month, raising questions about the platform’s security measures. ZKsync and Matter Labs X Accounts Hacked: Fake SEC Warnings and Phishing Links Spread Panic On May 13, 2025, hackers gained unauthorized access to ZKsync and Matter Labs’ official X accounts, using them to spread misinformation and phishing links. Warning: Both @zksync and @the_matter_labs accounts have been compromised. Do not interact with that account or click any links. Wait for the @zkSyncDevs account to verify when the account has been reclaimed. We will quote tweet this tweet when @zksync and @the_matter_labs … — ZKsync Developers (∎, ∆) (@zkSyncDevs) May 13, 2025 According to the latest updates from ZKsync, both accounts have now been secured and are “fully back in the control of the team.” The ZKsync and Matter Labs X accounts are fully back in the control of the team. We’re looking into how the accounts were hacked, and believe it was through compromised delegated accounts. All delegated accounts and connected apps have been disconnected, and we’ve deleted any… — ZKsync (∎, ∆) (@zksync) May 13, 2025 The attackers executed a two-pronged assault on the platform’s reputation and token price. First, the two accounts were used to publish false claims that ZKsync was under investigation by the US Securities and Exchange Commission (SEC) and warned about possible Treasury Department sanctions. These fake regulatory warnings appeared designed to create panic among investors and traders. The market reacted swiftly to the false regulatory claims. According to data from CoinGecko , the ZK token price dropped approximately 5% following the hack, trading around $0.07. This decline occurred despite the token enjoying a rally of nearly 38.5% over the previous week. Market commentator Harrison Leggio, co-founder of g8keep, noted the unusual nature of the attack, writing: “Instead of dropping a token and stealing a few bucks they decided to scare the living shit out of onchain degens.” This suggests the attackers may have been more interested in manipulating market sentiment than direct theft. Shoutout to the zksync hackers. Instead of dropping a token and stealing a few bucks they decided to scare the living shit out of onchain degens. pic.twitter.com/ltbwd37WMp — Pop Punk (@PopPunkOnChain) May 13, 2025 Shortly after the regulatory misinformation, the hackers published a second post promoting a fake ZK token airdrop, which included phishing links designed to drain users’ wallets. According to Matter Labs communications head Lynnette Nolan, the breach likely occurred through “compromised delegated accounts,” which have limited posting privileges on behalf of the main accounts. These accounts have since been disconnected, and an internal investigation is underway to determine the full extent of the compromise. The ZKsync and Matter Labs X accounts are fully back in the control of the team. We’re looking into how the accounts were hacked, and believe it was through compromised delegated accounts. All delegated accounts and connected apps have been disconnected, and we’ve deleted any… — Matter Labs (∎, ∆) (@the_matter_labs) May 13, 2025 The ZKsync team quickly deleted all malicious tweets after regaining control of the accounts. Ongoing Security Challenges After Recent Airdrop Exploit This social media breach represents the second significant security incident for ZKsync in less than a month. The @TheZKNation has recovered $5 million worth of stolen tokens following a security breach on April 15. #ZKsync #Hack https://t.co/sb7iC0RqoR — Cryptonews.com (@cryptonews) April 24, 2025 On April 15, 2025, an attacker exploited admin access to the platform’s airdrop distribution contract and minted 111 million unclaimed ZK tokens worth approximately $5 million. That earlier incident was eventually resolved when the hacker agreed to return 90% of the stolen tokens, keeping the remaining 10% as a self-declared bounty. The return was completed on April 23, with the hacker transferring nearly $5.7 million across three transactions to the ZKsync Security Council. The back-to-back breaches have raised serious questions about ZKsync’s security practices and protocols. While the April incident was isolated to the airdrop distribution contract, and no user funds were compromised, the recurring nature of security failures may damage trust in the platform. #Hackers stole more than $92.4 million from #crypto projects in April 2025, while the total loss for the first four months of the year alone surpassed $1.74 billion, according to @Immunefi . https://t.co/YECTPKFNNY — Cryptonews.com (@cryptonews) April 30, 2025 These incidents come when crypto security breaches are becoming increasingly common. According to search result data, approximately $2 billion was lost to crypto hacks in the first quarter of 2025 alone, nearly matching the total losses for all 2024. The post ZKsync and Matter Labs X Accounts Hacked in Phishing Scam, False Claims of US Probe Spread appeared first on Cryptonews .
