ZKSYNC和物质实验室在官方X帐户被黑客攻击后遭受了另一种安全漏洞

Zksync和Matter Labs在5月13日官方X帐户被黑客入侵后，遭受了另一种安全漏洞。

The X accounts of ZKsync and Matter Labs were hacked on May 13. The attackers posted false regulatory alerts and phishing links. The attack on ZKsync saw a nearly 5% drop in the token’s price.

ZKSYNC和物质实验室的X帐户于5月13日被黑客入侵。攻击者发布了错误的监管警报和网络钓鱼链接。对Zksync的攻击使令牌的价格下降了近5％。

The messages claimed that the platform was under investigation by the SEC and that the Treasury Department was preparing sanctions.

这些消息声称该平台正在由SEC调查，财政部正在准备制裁。

However, the news was false, and the post was quickly deleted by ZKsync, which recovered control of its profile.

但是，这个消息是错误的，该帖子很快被ZKSYNC删除，该帖子恢复了对其个人资料的控制。

Shortly after, the hackers spread a fake airdrop with malicious links intended to empty the wallets of unsuspecting users.

不久之后，黑客散布了一个带有恶意链接的假气电器，旨在清空毫无戒心的用户的钱包。

According to Matter Labs, the unauthorized access likely occurred through delegated accounts, used to post on behalf of the main accounts but with limited permissions. After detecting the breach, the company disconnected those accounts and removed the fraudulent posts. An internal investigation is currently underway to determine how the incident occurred.

根据Matter Labs的说法，未经授权的访问可能是通过授权帐户发生的，用于代表主要帐户发布但许可有限。发现违规行为后，该公司断开了这些帐户并删除了欺诈性职位。目前正在进行内部调查，以确定事件的发生方式。

This incident at least marks the third time in less than a month that ZKsync's ecosystem has been targeted by hackers.

这一事件至少标志着不到一个月的第三次ZKSYNC的生态系统是黑客的目标。

On April 15, a hacker exploited a flaw in the airdrop distribution contract and managed to mint 111 million unclaimed tokens, worth about $5 million at the time. On that occasion, an informal agreement was reached for the attacker to return 90% of the assets, keeping the rest as a bounty.

4月15日，一名黑客利用了Airdrop发行合同中的缺陷，并设法铸造了1.11亿个无人认领的令牌，当时价值约500万美元。那时，达成了一项非正式协议，供袭击者退还90％的资产，将其余的赏金保留为赏金。

The series of incidents in such a short period raises doubts about ZKsync's security protocols. Although in both cases the users’ funds were not directly compromised, the consequences for reputation and trust are evident.

在如此短的时间内，一系列事件引起了人们对ZKSYNC的安全协议的怀疑。尽管在这两种情况下，用户的资金均未直接妥协，但对声誉和信任的后果很明显。

In the first quarter of 2025 alone, losses from hacks in the crypto ecosystem approached $2 billion, nearly matching the total losses of 2024.

仅在2025年的第一季度，加密生态系统中的黑客损失就接近了20亿美元，几乎与2024年的总损失相匹配。