A Chinese criminal network previously connected to fentanyl trafficking has been linked to a cryptocurrency fraud operation run out of Japan, Nikkei reported. The group circulated a counterfeit token under the name "zksync.jp" — crafted to imitate the legitimate ZkSync blockchain protocol — and caused losses exceeding $1 million among crypto users worldwide.
What a Scam Token Is and How This One Worked
A scam token is a digital asset created specifically to deceive — it borrows the name, branding, or domain of a recognized project to convince buyers they are purchasing something real. In this case, the fraudulent token used "zksync.jp," a name closely echoing ZkSync, a well-known Ethereum scaling protocol that processes transactions using zero-knowledge cryptography. That resemblance is the mechanism of the fraud: users who searched for or heard about ZkSync could plausibly mistake the counterfeit for the genuine article.
The scheme targeted crypto users globally, not just in Japan. The Japan connection appears to be operational — where the fraud was run from — rather than the sole geographic target of losses.
A Criminal Network With More Than One Revenue Stream
What distinguishes this case from a routine crypto scam is the alleged profile of the group behind it. According to Nikkei's reporting, the network had already drawn law enforcement attention for its links to fentanyl distribution before the crypto fraud came to light. That combination — narcotics trafficking and digital asset fraud — points to a criminal organization treating multiple financial crimes as parallel operations rather than a one-off opportunistic scheme.
Investigators and financial-crime analysts have increasingly documented this pattern: networks with established money-movement infrastructure adapting those capabilities to cryptocurrency fraud, where tracing funds across borders is more difficult and enforcement jurisdiction is fragmented.
What the Reported Losses Represent
The more-than-$1-million figure cited by Nikkei represents confirmed or estimated harm to victims, though scam-token losses are notoriously underreported — many victims either do not recognize the fraud immediately or avoid disclosing it. The actual damage from the "zksync.jp" token distribution could be larger than what the current reporting reflects.
For crypto users, the case reinforces a basic principle: domain names and token names that closely mirror legitimate protocols are a common attack surface. ZkSync is a real project; "zksync.jp" was not affiliated with it. Verifying a token's contract address against official sources — not its name or a lookalike URL — remains the only reliable check.