ZKsync Ignite Airdrop Phishing Twitter/X Compromised

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 12:10, 10 March 2025 by Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/zksyncigniteairdropphishingtwitterxcompromised.php}} {{Unattributed Sources}} thumb|ZkSync Logo/HomepageThe ZKSync ecosystem, built on high-performance, verifiable, modular rollups and validiums, emphasizes secure, frictionless interoperability across chains, with a user-friendly interface and cryptographic security. The platform also offers secure onboarding with Fa...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

ZkSync Logo/Homepage

The ZKSync ecosystem, built on high-performance, verifiable, modular rollups and validiums, emphasizes secure, frictionless interoperability across chains, with a user-friendly interface and cryptographic security. The platform also offers secure onboarding with FaceID/Passkeys, eliminating the need for seed phrases and enhancing protection against hacks. On January 15th, 2025, the ZKSync team tweeted about their @ZKsyncIgnite account being compromised, urging users not to interact with it or click any links and to wait for confirmation from the official @zksync account when the account is reclaimed. Three days later, on January 18th, the @ZKsyncIgnite account tweeted that they were back, signaling the return of normal operations. There is no word on anyone being affected or any support for affectd users.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41][42][43][44]

About ZKSync

"ZKsync is an ever expanding verifiable blockchain network, secured by math."

"ZK chains are high performance, verifiable, modular rollups and validiums powered by ZKsync. United in an elastic network, ZK chains can be added or expanded to handle increased transaction volume without affecting costs or hardware requirements for verification."

"ZK chains provide native, frictionless interoperability presented in a consistent and easy-to-use interface. This enables trustless communication and asset transfers between chains leveraging the full range of users and liquidity across the entire ZK chain ecosystem. Unlike traditional, centralized solutions, this protocol relies solely on cryptography for security."

"ZKsync offers secure one-tap onboarding via FaceID/Passkeys, eliminating the need for seed phrases and reducing the risk of hacks. By automatically creating modular smart accounts at the protocol level, ZKsync enables a delightful, customizable UX, allowing users to seamlessly access all ZK chains with what feels like a single account directly from their application."

About ZKSync 100M Airdrop

"ZKsync 100M Airdrop is Live! The next phase of ZKsync Ignite program continues with 100M ZK tokens available to be claimed today by eligible users. Claim now."

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - ZKsync Ignite Airdrop Phishing Twitter/X Compromised
Date Event Description
January 15th, 2025 6:46:00 PM MST ZKSync Team Tweets In what appears to be the first mention of any trouble, the ZKSync team tweets about their account having been compromised, warning users not to interact with or click any links from the @ZKsyncIgnite account. They advise waiting for verification from the official @zksync account to confirm when the compromised account has been reclaimed. The team will provide an update via a quote tweet once @ZKsyncIgnite has been recovered.
January 18th, 2025 9:38:00 AM MST Ignite Account Back Tweet The ZKIgnote account posts to notify their community that they are "back to pumping [their] bags".
January 20th, 2025 1:30:00 AM MST Again Ignite Account Back The ZKIgnite account again posts to indicate that they are back, announcing that their X account has been officially reclaimed and is now fully under their control, making it safe to engage with them again. They also mention that Period 2 has started, with attractive APRs, encouraging users to stack ZK rewards.

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"The ZKsync team tweeted that the @ZKsyncIgnite account has been compromised. Do not interact with the account or click any links. Wait for the @zksync account to confirm when the account has been reclaimed."

"Warning: The @ZKsyncIgnite account has been compromised.

Do not interact with that account or click any links. Wait for the @zksync account to verify when the account has been reclaimed.

We will quote tweet this tweet when @ZKsyncIgnite has been recovered."

Ultimate Outcome

"We're back to pumping our bags."

"We’re So Back—Just in Time for Period 2

Our X account is officially reclaimed and fully under our control. It’s safe to engage with us again.

Now, back to business: Period 2 has started, and the APRs are looking [hot.]

Go stack those ZK rewards"

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. ZKSync - "Warning: The @ZKsyncIgnite account has been compromised. Do not interact with that account or click any links. Wait for the @zksync account to verify when the account has been reclaimed. We will quote tweet this tweet when @ZKsyncIgnite ...ter/X (Accessed Mar 10, 2025)
  2. ZKSync - "We're back to pumping our bags." - Twitter/X (Accessed Mar 10, 2025)
  3. ZKSync - "We’re So Back—Just in Time for Period 2. Our X account is officially reclaimed and fully under our control. It’s safe to engage with us again. Now, back to business: Period 2 has started, and the APRs are looking [hot]. Go stack th...ter/X (Accessed Mar 10, 2025)
  4. ZKSync Ignite Twitter Account (Accessed Mar 10, 2025)
  5. ZKsync (Accessed Sep 18, 2024)
  6. @ItisLumberjack Twitter (Accessed Mar 10, 2025)
  7. @orangantijeeva1 Twitter (Accessed Mar 10, 2025)
  8. @DinoMaxZK Twitter (Accessed Mar 10, 2025)
  9. @Lisancyt Twitter (Accessed Mar 10, 2025)
  10. @MamaMironi Twitter (Accessed Mar 10, 2025)
  11. @neuroparanoid Twitter (Accessed Mar 10, 2025)
  12. @CoinwatcherNews Twitter (Accessed Mar 10, 2025)
  13. @0xiLBiscione Twitter (Accessed Mar 10, 2025)
  14. @GalaxyhubAI Twitter (Accessed Mar 10, 2025)
  15. @zkSyncIndonesia Twitter (Accessed Mar 10, 2025)
  16. @ZKamigos Twitter (Accessed Mar 10, 2025)
  17. @CryptoWalker46 Twitter (Accessed Mar 10, 2025)
  18. @bitbullnoah Twitter (Accessed Mar 10, 2025)
  19. @AegisWeb3 Twitter (Accessed Mar 10, 2025)
  20. @cryptopeluca Twitter (Accessed Mar 10, 2025)
  21. @NSerec Twitter (Accessed Mar 10, 2025)
  22. @Crypto_Yaguar Twitter (Accessed Mar 10, 2025)
  23. @pedrocrypt1 Twitter (Accessed Mar 10, 2025)
  24. @zkSyncIndonesia Twitter (Accessed Mar 10, 2025)
  25. @TimAllard Twitter (Accessed Mar 10, 2025)
  26. @frogmonkee Twitter (Accessed Mar 10, 2025)
  27. @MetaVertico Twitter (Accessed Mar 10, 2025)
  28. @mosi115 Twitter (Accessed Mar 10, 2025)
  29. @Crypto4Tweet Twitter (Accessed Mar 10, 2025)
  30. @13_navjot Twitter (Accessed Mar 10, 2025)
  31. @NNovaDefi Twitter (Accessed Mar 10, 2025)
  32. @JumperExchange Twitter (Accessed Mar 10, 2025)
  33. @FsnAngelo Twitter (Accessed Mar 10, 2025)
  34. @gadgeteerth Twitter (Accessed Mar 10, 2025)
  35. @Gangcoin Twitter (Accessed Mar 10, 2025)
  36. @ai_schrodinger Twitter (Accessed Mar 10, 2025)
  37. @PriewPeter Twitter (Accessed Mar 10, 2025)
  38. @Cryptobits_ai Twitter (Accessed Mar 10, 2025)
  39. @CertiKAlert Twitter (Accessed Mar 10, 2025)
  40. @deTEfabulaNar_ Twitter (Accessed Mar 10, 2025)
  41. @frogmonkee Twitter (Accessed Mar 10, 2025)
  42. @xraise_fi Twitter (Accessed Mar 10, 2025)
  43. @koolcryptovc Twitter (Accessed Mar 10, 2025)
  44. @0xChess Twitter (Accessed Mar 10, 2025)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=ZKsync_Ignite_Airdrop_Phishing_Twitter/X_Compromised&oldid=6605"