ZetaChain Team Wallets Hit in Exploit

Cover image via U.Today The root cause The modus operandi Damage contained Advertisement The interoperability-focused blockchain network ZetaChain has suffered a security exploit, resulting in the draining of funds directly from internal team wallets. Fortunately for the broader crypto community, developers were able to quickly patch the vulnerability before the attacker could compromise user assets. The root cause According to the security experts at SlowMist, the core vulnerability was located within the call function of ZetaChain's GatewayZEVM contract. Crucially, this specific function lacked proper access control mechanisms and input validation parameters. Because of these missing security checks, the system was left wide open for exploitation. The flaw allowed any arbitrary user to bypass normal restrictions, invoke cross-chain calls through the GatewayZEVM contract, and execute unauthorized operations on external blockchains. HOT Stories Hyperliquid (HYPE) Regains 101% in Weekly Futures, Ethereum (ETH) Suddenly in Downtrend, Bitcoin (BTC) Has 1 Week Left: Crypto Market Review Ethereum Nears 190 Million Holders, What About XRP? The modus operandi The attacker was able to craft a highly specific, malicious call directly on ZetaChain designed to emit a fraudulent cross-chain event. Advertisement ZetaChain's relayer, which is designed to listen for and facilitate these cross-chain communications, automatically picked up this event. The relayer unknowingly executed the malicious call on the destination chain, allowing the attacker to effectively siphon the funds. Damage contained ZetaChain has assured the community that the damage was strictly isolated to their own holdings. Advertisement "There was an attack against the ZetaChain GatewayEVM contract today that impacted the internal ZetaChain team wallets only," the protocol's developers stated. "We've already blocked the attack vector so no more funds can be compromised." #Decentralized Finance