ZetaChain, a Layer 1 network, reported a security breach on April 24, where attackers exploited vulnerabilities in its cross-chain messaging system to steal $333,868, primarily in USDC and USDT. The attack involved nine transactions across Ethereum, Arbitrum, Base, and BSC chains, targeting three internal team wallets without affecting user funds.
The attackers leveraged three key vulnerabilities: insufficient arbitrary call restrictions, the GatewayEVM contract's acceptance of most commands including transferFrom, and users' unlimited token approvals via GatewayEVM.deposit() that were not revoked. ZetaChain emphasized that the attack was premeditated, with significant preparation by the perpetrators. In response, ZetaChain has deployed patches on its mainnet and paused cross-chain transactions pending further upgrades and reviews. Users who interacted with ZetaChain's gateway contracts are advised to revoke related ERC-20 approvals.
ZetaChain Suffers $333,868 Exploit via Cross-Chain Messaging Vulnerability
Sorumluluk Reddi: Phemex Haberler'de sunulan içerik yalnızca bilgilendirme amaçlıdır. Üçüncü taraf makalelerden alınan bilgilerin kalitesi, doğruluğu veya eksiksizliğini garanti etmiyoruz. Bu sayfadaki içerik finansal veya yatırım tavsiyesi niteliği taşımaz. Yatırım kararları vermeden önce kendi araştırmanızı yapmanızı ve nitelikli bir finans danışmanına başvurmanızı şiddetle tavsiye ederiz.