ZetaChain, a Layer 1 network, reported a security breach on April 24, where attackers exploited vulnerabilities in its cross-chain messaging system to steal $333,868, primarily in USDC and USDT. The attack involved nine transactions across Ethereum, Arbitrum, Base, and BSC chains, targeting three internal team wallets without affecting user funds.
The attackers leveraged three key vulnerabilities: insufficient arbitrary call restrictions, the GatewayEVM contract's acceptance of most commands including transferFrom, and users' unlimited token approvals via GatewayEVM.deposit() that were not revoked. ZetaChain emphasized that the attack was premeditated, with significant preparation by the perpetrators. In response, ZetaChain has deployed patches on its mainnet and paused cross-chain transactions pending further upgrades and reviews. Users who interacted with ZetaChain's gateway contracts are advised to revoke related ERC-20 approvals.
ZetaChain Suffers $333,868 Exploit via Cross-Chain Messaging Vulnerability
Haftungsausschluss: Die auf Phemex News bereitgestellten Inhalte dienen nur zu Informationszwecken.Wir garantieren nicht die Qualität, Genauigkeit oder Vollständigkeit der Informationen aus Drittquellen.Die Inhalte auf dieser Seite stellen keine Finanz- oder Anlageberatung dar.Wir empfehlen dringend, eigene Recherchen durchzuführen und einen qualifizierten Finanzberater zu konsultieren, bevor Sie Anlageentscheidungen treffen.