ZKsync and Matter Labs X Accounts Hacked in Phishing Scam, False Claims of US Probe Spread

The official X accounts of the Ethereum scaling solution ZKsync and its developer, Matter Labs, were compromised in an attack that combined market manipulation tactics with phishing attempts.

The hackers published fake regulatory warnings and malicious airdrop links in what appears to be a deliberate attempt to crash the ZK token price.

This hack is the second significant security incident for the protocol in less than a month, raising questions about the platform’s security measures.

ZKsync and Matter Labs X Accounts Hacked: Fake SEC Warnings and Phishing Links Spread Panic

On May 13, 2025, hackers gained unauthorized access to ZKsync and Matter Labs’ official X accounts, using them to spread misinformation and phishing links.

According to the latest updates from ZKsync, both accounts have now been secured and are “fully back in the control of the team.”

The attackers executed a two-pronged assault on the platform’s reputation and token price.

First, the two accounts were used to publish false claims that ZKsync was under investigation by the US Securities and Exchange Commission (SEC) and warned about possible Treasury Department sanctions.

These fake regulatory warnings appeared designed to create panic among investors and traders.

The market reacted swiftly to the false regulatory claims. According to data from CoinGecko, the ZK token price dropped approximately 5% following the hack, trading around $0.07.

This decline occurred despite the token enjoying a rally of nearly 38.5% over the previous week.

Market commentator Harrison Leggio, co-founder of g8keep, noted the unusual nature of the attack, writing: “Instead of dropping a token and stealing a few bucks they decided to scare the living shit out of onchain degens.”

This suggests the attackers may have been more interested in manipulating market sentiment than direct theft.

Shortly after the regulatory misinformation, the hackers published a second post promoting a fake ZK token airdrop, which included phishing links designed to drain users’ wallets.

According to Matter Labs communications head Lynnette Nolan, the breach likely occurred through “compromised delegated accounts,” which have limited posting privileges on behalf of the main accounts.

These accounts have since been disconnected, and an internal investigation is underway to determine the full extent of the compromise.

The ZKsync team quickly deleted all malicious tweets after regaining control of the accounts.

Ongoing Security Challenges After Recent Airdrop Exploit

This social media breach represents the second significant security incident for ZKsync in less than a month.

On April 15, 2025, an attacker exploited admin access to the platform’s airdrop distribution contract and minted 111 million unclaimed ZK tokens worth approximately $5 million.

That earlier incident was eventually resolved when the hacker agreed to return 90% of the stolen tokens, keeping the remaining 10% as a self-declared bounty.

The return was completed on April 23, with the hacker transferring nearly $5.7 million across three transactions to the ZKsync Security Council.

The back-to-back breaches have raised serious questions about ZKsync’s security practices and protocols.

While the April incident was isolated to the airdrop distribution contract, and no user funds were compromised, the recurring nature of security failures may damage trust in the platform.

These incidents come when crypto security breaches are becoming increasingly common. According to search result data, approximately $2 billion was lost to crypto hacks in the first quarter of 2025 alone, nearly matching the total losses for all 2024.

The post ZKsync and Matter Labs X Accounts Hacked in Phishing Scam, False Claims of US Probe Spread appeared first on Cryptonews.