Over every week after the Zksync hacking incident, the exploiter agreed to a bounty and returned a good portion of the loot.
Regardless of recovering stolen funds, the community’s powering token, ZK, continues to exhibit bearish sentiment.
ZKSync Hacker Returns $5.7 Million
On April 15, the Ethereum-based Layer-2 scalability solution, ZKsync, suffered a hack. The compromised account managed $5 million price of ZK tokens. As BeInCrypto reported, the incident had caused a 16% price drop.
The incident was controversial after some neighborhood members observed some regarding information. The revelations led to dire allegations, with some likening ZkSync to Mantra (OM). To some, ZKsync responded to the hack by dumping their property at an accelerated tempo.
“The ZkSync group has launched 110 million tokens and bought 66 million. The worth of ZK goes towards the pattern because the market is recovering, and it has instantly dropped by 15%. First OM, now ZK, this undertaking appears to be heading within the unsuitable path,” one person noted.
This bordered on embezzlement. Nonetheless, in a latest improvement, the ZKsync Affiliation revealed that the hacker returned 90% of the funds, successfully honoring the protected harbor deadline.
By an April 21 publish on X (Twitter), the ZKsync Safety Council provided the hacker a ten% bounty in the event that they returned the stolen funds, permitting a 72-hour window.
“To resolve this matter amicably within the spirit of protected harbor, we’re providing a ten% bounty to your cooperation if you happen to return 90% of the funds concerned within the exploit,” ZK Nation shared on X.
Because it occurred, the dangerous actor heeded, transferring nearly $5.7 million to the ZKsync Safety Council throughout three transfers on April 23.
Particularly, they sent two transfers on the ZKsync Period blockchain. The primary concerned sending $1.83 million price of Ethereum (ETH) to the ZKsync Safety Council’s ZKsync Period handle, and the second concerned sending $2.47 million price of ZKsync tokens.
Within the third transaction, the ZKSync hacker despatched 776 ETH price roughly $1.4 million to the ZkSync Safety Council’s Ethereum handle.
With this, the ZKsync Affiliation dedicated to publishing a ultimate report revealing extra particulars in regards to the safety incident.
In the meantime, it’s price noting that the hacker adopted directions given by the ZKsync Safety Council to the letter. Based mostly on this, the case closes with out additional motion.
It mirrors previous incidents, together with Ronin Bridge hackers returning $10 million price of ETH and incomes a $500,000 bounty.
Regardless of the flip of occasions, nevertheless, the ZK token continues to show bearish sentiment, down by almost 2% within the final 24 hours. As of this writing, ZKsync’s token was buying and selling for $0.06.
In the meantime, not all hacking incidents honor protected harbor provides. Just lately, Bybit launched a bounty program providing as much as 10% of recovered funds to moral hackers and cybersecurity specialists.
This incentivized efforts to reclaim $1.4 billion in stolen property. Whereas some efforts to reclaim misplaced property yielded outcomes, the partial restoration was due to key business gamers stepping in, not the exploiter.
In the meantime, different ecosystems leverage bounty packages to bolster safety. Cardano’s Charles Hoskinson lately provided a $1 million bounty for hacking the new Lace Paper Wallet, testing its safety.
Equally, Uniswap introduced a record-breaking $15.5 million bug bounty focusing on essential vulnerabilities in its v4 core contracts.
Disclaimer
In adherence to the Trust Project pointers, BeInCrypto is dedicated to unbiased, clear reporting. This information article goals to supply correct, well timed info. Nonetheless, readers are suggested to confirm info independently and seek the advice of with an expert earlier than making any selections based mostly on this content material. Please notice that our Terms and Conditions, Privacy Policy, and Disclaimers have been up to date.