ZKsync and Matter Labs Experienced Another Security Breach After Their Official X Accounts Were Hacked

ZKsync and Matter Labs experienced another security breach after their official X accounts were hacked on May 13.

The X accounts of ZKsync and Matter Labs were hacked on May 13. The attackers posted false regulatory alerts and phishing links. The attack on ZKsync saw a nearly 5% drop in the token’s price.

The messages claimed that the platform was under investigation by the SEC and that the Treasury Department was preparing sanctions.

However, the news was false, and the post was quickly deleted by ZKsync, which recovered control of its profile.

Shortly after, the hackers spread a fake airdrop with malicious links intended to empty the wallets of unsuspecting users.

According to Matter Labs, the unauthorized access likely occurred through delegated accounts, used to post on behalf of the main accounts but with limited permissions. After detecting the breach, the company disconnected those accounts and removed the fraudulent posts. An internal investigation is currently underway to determine how the incident occurred.

This incident at least marks the third time in less than a month that ZKsync's ecosystem has been targeted by hackers.

On April 15, a hacker exploited a flaw in the airdrop distribution contract and managed to mint 111 million unclaimed tokens, worth about $5 million at the time. On that occasion, an informal agreement was reached for the attacker to return 90% of the assets, keeping the rest as a bounty.

The series of incidents in such a short period raises doubts about ZKsync's security protocols. Although in both cases the users’ funds were not directly compromised, the consequences for reputation and trust are evident.

In the first quarter of 2025 alone, losses from hacks in the crypto ecosystem approached $2 billion, nearly matching the total losses of 2024.