According to online reports, ZKsync issued a document on the X platform saying that after investigation, the administrator accounts of three airdrop distribution contracts had been compromised. The attacker called the sweetUnclaimed () function and minted about 111 million non-claimed ZK tokens from the aiddrop contract. This incident only involved the airdrop distribution contract, and all mindable funds had been minted. It was impossible to use further attacks through this method. The ZKsync protocol, ZK token contract, all three governance contracts and all active token program cap coiners have not been affected by this incident and will not be affected. Recovery work is currently being coordinated with the exchange to advise attackers to return funds and avoid legal liability.