ZKsync and Matter Labs X Accounts Hacked in Attempted Token Crash Hoax

The official X (formerly Twitter) accounts of Ethereum Layer 2 network ZKsync and its developer Matter Labs were hacked on May 13, with attackers spreading false information about a U.S. regulatory investigation in an apparent effort to crash the ZK token.

Shortly after the breach, the compromised accounts posted a fake announcement claiming that ZKsync was under investigation by the U.S. Securities and Exchange Commission (SEC) and potentially facing sanctions from the U.S. Treasury Department. The posts also included phishing links disguised as an airdrop offer, prompting ZKsync to quickly warn users not to engage with the fraudulent content.

Hack Aimed to Induce Market Panic

Crypto observers believe the fake regulatory statement was intended to spark fear among investors and traders, leading to a sell-off of the ZK token. While the damage was limited, ZK fell about 2% within an hour of the hack and is currently down 6.4% on the day, trading at approximately $0.0707, according to CoinGecko. This drop followed a strong 38.5% rally over the past week.

Other X users had warned the ZKsync X account was compromised. Source: pseudo

Matter Labs’ head of communications, Lynnette Nolan, confirmed to Cointelegraph that the posts were false and that both X accounts are now back under the control of the official team.

“Shoutout to the ZKsync hackers. Instead of dropping a token and stealing a few bucks, they decided to scare the living shit out of onchain degens,” joked crypto startup g8keep co-founder Harrison Leggio on X.

Suspected Method of Breach

Matter Labs believes the breach was executed via compromised delegated accounts—third-party tools with permission to post on behalf of the main X profiles. These access points may have allowed hackers to take control without directly hacking the core accounts themselves.

Second Major Incident in Two Months

This marks the second security incident tied to ZKsync in as many months. On April 15, the admin account of the platform’s airdrop distribution contract was compromised. The attacker exploited a function to mint 111 million unclaimed ZK tokens, valued at roughly $5 million. In a surprising turn, the hacker later returned 90% of the tokens, keeping 10% as a “bounty.”

Source: Harrison Leggio

The incident occurred amid ZKsync distributing 17.5% of its total ZK token supply to ecosystem participants.

Regulatory Context and Market Sensitivity

While the SEC has investigated various crypto firms in the past, many such probes were voluntarily disclosed and have often ended quietly. Companies like Crypto.com, OpenSea, Immutable, and Robinhood Crypto have all confirmed the conclusion of past SEC inquiries. That context makes the fabricated claims particularly potent in a jittery crypto market.

Summary:

Hackers took over the X accounts of ZKsync and Matter Labs, spreading false SEC investigation claims and phishing links to manipulate the ZK token price. The accounts are now secured, and the team is investigating the breach, believed to involve compromised delegated access.