False Accusations Spark Market Disruption as Hackers Target X Accounts
In a deliberate attempt to manipulate the crypto market, the official X (formerly Twitter) accounts of ZKsync and its development team at Matter Labs were hacked on May 13. The attackers published false claims that U.S. financial authorities — including the SEC (Securities and Exchange Commission) and the Treasury Department — were investigating the project.
These misleading messages were posted alongside phishing links, which appeared to promote fake airdrops. The ZKsync community was warned not to click on any links shared during the breach.
Motivation: Crash the Token
The fabricated SEC announcement appeared designed to intentionally tank the value of the ZKsync token (ZK) by creating fear, uncertainty, and doubt (FUD). According to CoinGecko, the token dropped by 2% within the hour of the false message going live, and over 6.4% in 24 hours, currently trading around $0.073.
Hack Timeline: Not the First Breach
This isn't ZKsync’s first run-in with attackers. Back on April 15, a hacker accessed the admin credentials of ZKsync’s airdrop contract and exploited a mint function to generate 111 million ZK tokens, valued at nearly $5 million at the time. Interestingly, the perpetrator returned 90% of the tokens, claiming 10% as a “bounty.”
Official Statement and Recovery
Lynnette Nolan, Head of Communications at Matter Labs, confirmed to Cointelegraph that the fake posts were quickly removed and both X accounts are now secure and fully under control. She indicated that the breach may have occurred through compromised delegated access, which allows limited third-party posting rights.
Context: SEC and Crypto Probes
Although the SEC has investigated crypto firms like Crypto.com, Immutable, OpenSea, and RobinHood Crypto, most of these probes were closed without further action, especially under the previous U.S. administration. Such regulatory actions are typically publicly disclosed by the companies themselves.
That’s why this attack was so convincing — it mimicked real SEC announcements, making the misinformation seem authentic.
Conclusion: A Cautionary Tale for Web3
This incident is a sobering reminder of how critical account security is in the crypto space. Social engineering and phishing attacks continue to grow more sophisticated, and even major platforms are not immune.
To stay safe:
-
Avoid engaging with suspicious links, especially airdrop announcements
-
Verify news through multiple trusted channels and official sites
-
Use wallet/browser security tools that flag phishing domains
