Over a week after the Zksync hacking incident, the exploiter agreed to a bounty and returned a significant portion of the loot.
Despite recovering stolen funds, the network’s powering token, ZK, continues to exhibit bearish sentiment.
ZKSync Hacker Returns $5.7 Million
More than a week after ZKsync was hacked, the person behind the attack agreed to a deal and returned most of the stolen money. Still, the price of ZKsync’s token is not recovering and continues to drop.
On April 15, ZKsync — a project built on Ethereum that helps make transactions faster and cheaper — got hacked. The attacker managed to take around $5 million worth of ZK tokens. After the news came out, the price of the token dropped by 16%.
People in the crypto community began to suspect something was wrong with how the ZKsync team was handling things. Some noticed that the team seemed to be selling off large amounts of tokens while the hack was happening. One user even said:
“First OM, now ZK. The team sold 66 million tokens out of 110 million they released. The token dropped 15% while the rest of the market was going up. This looks really bad.”
On April 21, ZKsync’s team offered a deal to the hacker:
“If you return 90% of the stolen crypto, you can keep 10% as a reward.”
This kind of deal is called a “safe harbor bounty,” and it’s a common way to encourage hackers to return stolen funds without getting into legal trouble.Surprisingly, the hacker agreed and sent back almost $5.7 million in three steps:
- First, they sent $1.83 million in ETH
- Then, $2.47 million in ZK tokens
- Finally, they sent 776 ETH (about $1.4 million) to the team’s Ethereum wallet
ZKsync said the hacker followed all the instructions and returned the funds within the 3-day deadline. Since the hacker kept their end of the deal, the team considers the case closed. They also promised to share a full report soon explaining what happened.
This kind of resolution has happened before:
- In the Ronin Bridge case, hackers gave back $10 million and got a $500,000 bounty
- Bybit also offered up to 10% rewards to white-hat hackers who help recover stolen funds
- Cardano’s founder recently offered a $1 million bounty to anyone who could hack their new wallet — just to test its security
But the Token is Still Falling
Even after getting most of the stolen funds back, ZKsync’s token hasn’t recovered. It’s down another 2% in the last 24 hours, now trading at just $0.06.
The price may still be falling because people don’t fully trust the project right now, especially after the rumors of insider selling and the recent hack.
Bounty Programs Are Becoming Common
More and more crypto projects are offering bounties to improve security and recover lost funds:
- Bybit is trying to get back $1.4 billion using a hacker reward program
- Uniswap launched a record-breaking $15.5 million bug bounty to find serious bugs in its new version
The ZKsync team managed to get back most of the hacked funds by offering a reward to the attacker. But even with the money returned, the token’s price is still going down. Restoring trust in the project may take more time.
