The ZetaChain vulnerability was reported in advance by white hats but was ignored, ultimately leading to a $334,000 attack incident
The cross-chain protocol ZetaChain disclosed that the security issues involved in its recent approximately $334,000 vulnerability attack event had been reported in advance by researchers in the bug bounty program but were deemed "expected behavior" by the project team at that time and were not addressed.
According to the official incident review, this attack originated from a combination of three design flaws that initially seemed independent and low-risk: the Gateway contract allowed anyone to send any cross-chain instructions; the receiving end could execute calls on almost any contract, and the blacklist restrictions were too narrow; some wallets retained unlimited approval for an extended period without being cleared. The attacker ultimately combined these flaws to instruct the Gateway to transfer tokens directly to their controlled address, thereby completing the asset transfer.
ZetaChain stated that this attack involved 9 transactions across four chains: Ethereum, Arbitrum, Base, and BSC, with the stolen funds all coming from wallets controlled by ZetaChain, and user funds were not affected. The official noted that the attack showed clear premeditation. The attacker funded their wallet through Tornado Cash three days before the attack and deployed a dedicated Drainer contract in advance, while also implementing an address poisoning attack. Currently, ZetaChain has begun pushing repair patches to the mainnet nodes, permanently disabling the arbitrary call function and changing the unlimited approval mechanism in the deposit process to "precise amount authorization."
You may also like
Track Markets At a Glance: New WEEX Price Widgets for iOS & Android
To streamline your market data access, WEEX has officially launched "Market Watchlist" desktop widgets
The billion-dollar lesson: The focus of DeFi security is shifting from code to operational governance
A Brief Analysis of Stablecoin Licenses and On-Chain Funding
BVNK Founder: Three Stages of Stablecoin Development
The truth about Trump's son's Bitcoin game: he made a staggering $100 million while retail investors lost $500 million
What Is Futures Trading? Hours, Platforms, and How to Start Trade Futures(2026 Guide)
Learn how to start futures trading, understand trading hours, and choose the best futures trading platform. Includes real data, strategies, and ways to maximize returns with rebates.
The Rise of Composable RWA
MAGA Up 350% in 24 Hours, PEPE Up 46% in One Day: Which Memecoins Are Next in 2026?
MAGA +350% in 24hrs. PEPE +46% in one day. RAVE +4,500% then -90%. In 2026's memecoin market, the gains are real. So are the traps? Here's how to tell the difference before you buy.
RCD Espanyol vs Real Madrid: Can the Pericos Delay the Inevitable?
RCD Espanyol vs Real Madrid lineups, standings, and stats for May 3, 2026. Real Madrid visits RCDE Stadium as Barcelona closes in on the LALIGA title. Full preview inside.
MegaETH goes live with an FDV exceeding 2 billion USD. Which ecological projects are worth paying attention to?
Dialogue with "Wood Sister" Cathie Wood: The next bull market is about to arrive
Can prediction markets win the competition for perpetual contracts?
Who is trading on Trade.xyz?
Binance quietly placed a bet on a leading large model company
Best Crypto Discord Server 2026: Why Jacob’s Crypto Clan Is Gaining Massive Attention
Jacob’s Crypto Clan has grown into one of the most active crypto Discord communities, with over 45K members and continuing to expand. This rapid growth reflects strong demand for structured trading insights and real-time collaboration.
Tom Lee Buying ETH: Why Wall Street’s Loudest Ethereum Bull Keeps Doubling Down
Tom Lee keeps buying ETH through every dip, every drawdown, and every moment of market doubt. Inside the strategy that's turning Ethereum into a treasury asset — and what it signals for the rest of the market.
Stripe Sessions 2026: AI Agent, Global Payments, and Invisible Crypto Infrastructure
Where will South Korea's cryptocurrency taxation head?
Track Markets At a Glance: New WEEX Price Widgets for iOS & Android
To streamline your market data access, WEEX has officially launched "Market Watchlist" desktop widgets
The billion-dollar lesson: The focus of DeFi security is shifting from code to operational governance
A Brief Analysis of Stablecoin Licenses and On-Chain Funding
BVNK Founder: Three Stages of Stablecoin Development
The truth about Trump's son's Bitcoin game: he made a staggering $100 million while retail investors lost $500 million
What Is Futures Trading? Hours, Platforms, and How to Start Trade Futures(2026 Guide)
Learn how to start futures trading, understand trading hours, and choose the best futures trading platform. Includes real data, strategies, and ways to maximize returns with rebates.
Contents
Popular coins
Latest Crypto News
