The X account of the Ethereum layer 2 network ZKsync and its developer Matter Labs were compromised early on May 13, with hackers falsely claiming the network was being probed by US authorities, among other scam messages.

A ZKsync-related X account posted on May 13, confirming the accounts for ZKsync and Matter Labs were compromised, warning users not to interact after the accounts shared links to a fake airdrop in an apparent phishing scam.

Other X users had warned the ZKsync X account was compromised. Source: pseudo

The hacked ZKsync and Matter Labs then both posted a fake statement claiming ZKsync was under investigation by the US Securities and Exchange Commission and that the Treasury Department could impose sanctions on the platform.

Matter Labs communications head Lynnette Nolan confirmed to Cointelegraph that the now-deleted X post “is not legit” and both accounts are now “fully back in the control of the team.”

“Shoutout to the zksync hackers. Instead of dropping a token and stealing a few bucks they decided to scare the living shit out of onchain degens,” crypto startup g8keep co-founder Harrison Leggio, who goes by “Pop Punk,” posted to X.

Source: Harrison Leggio

The fake statement was seemingly aimed at crashing the price of the platform’s self-titled token, ZKsync (ZK), which has fallen around 2% in the last hour amid the X account breach, according to CoinGecko.

The SEC has investigated crypto companies in the past, and many of these firms have chosen to publicly disclose when they’ve been investigated by the regulator.

The SEC has stopped many of its probes under the Trump administration, with Crypto.com, Immutable, OpenSea, and RobinHood Crypto, among others, confirming the agency had ended investigations.

ZK is down 6.4% over the last day to trade at around 7 cents, cooling from a nearly 38.5% rally it’s enjoyed over the past week.

Related: US prosecutors want 2 years for SEC X account hacker

Matter Labs’ Nolan said the firm was looking into how the X accounts were breached, and believed it was via “compromised delegated accounts,” which allow users limited access to an X account, allowing them to post on its behalf.

Two hacks in as many months

It’s the second compromise of ZKsync-controlled platforms since April.

On April 15, an attacker breached the admin account of ZKsync’s airdrop distribution contract and used a function to mint 111 million unclaimed ZK tokens, worth approximately $5 million at the time.

The hack happened amid the platform handing out 17.5% of ZK’s supply to ecosystem participants.

The attacker later returned 90% of the stolen tokens, agreeing to keep 10% as a bounty.

Magazine: ZK-proofs are bringing smart contracts to Bitcoin — BitcoinOS and Starknet