TechFlow reports that on April 29, ZetaChain officially disclosed a targeted vulnerability exploit that occurred on April 27. The attacker pre-funded their operation via Tornado Cash and employed wallet address spoofing to ultimately exploit a vulnerability in GatewayEVM’s arbitrary call functionality, resulting in approximately $334,000 in losses across four connected chains.
ZetaChain stated that this attack did not impact cross-chain $ZETA transfers; all affected wallets were under ZetaChain’s internal control, and user funds remained unaffected. A mainnet patch has now been deployed, and cross-chain transactions will resume after ongoing monitoring.
Add to Favorites
Share to Social Media
