The decentralized organization behind ZKsync, known as ZK Nation, confirmed Wednesday that it has recovered the majority of funds stolen in a recent exploit after the attacker accepted a 10% bounty deal.
In a post on X, ZK Nation stated that the returned assets are now in the custody of the protocol’s Security Council, which will defer to governance to determine next steps regarding the funds. A full investigation report is underway and will be released publicly once finalized.
Hacker Took $5M From Admin Wallet
The incident occurred on April 15, when a hacker gained control of an admin wallet containing approximately $5 million in unclaimed ZK tokens left over from the recent ZKsync airdrop. ZKsync’s team quickly assured users that no individual funds were compromised and that the exploit posed no broader risk to the network.
Deal Averts Criminal Case
Earlier this week, the Security Council gave the attacker a deadline: return 90% of the funds within 72 hours and keep 10% as a white-hat bounty—or face legal escalation. The attacker complied, avoiding what the Council described as a potential full-scale criminal investigation.
The move reflects a growing trend of Web3 protocols using bounty programs to recover stolen assets while reducing damage and legal friction.
Source: https://coindoo.com/zksync-hacker-returns-funds-after-accepting-10-bounty-offer/