On April 27, layer-1 blockchain ZetaChain suffered an attack on its GatewayEVM smart contract.
ZetaChain developers quickly suspended all cross-chain transactions on the mainnet to prevent further losses.
Hot topic: Bitcoin on April 28—BTC Price Pulls Back From $79,500
On April 27, layer-1 blockchain ZetaChain suffered an attack on its GatewayEVM smart contract. Developers quickly suspended all cross-chain transactions on the mainnet to prevent further losses.
According to DefiLlama, damages amounted to approximately $300,000. ZetaChain’s team stated that the attack only affected the project’s internal wallets, while user funds remain safe.
Technical Details of the Incident
According to a preliminary analysis by SlowMist, the vulnerability was located in the call function of the GatewayZEVM contract. The contract lacked proper access control and input validation, allowing the attacker to execute malicious cross-chain calls. The network’s relayer picked up these calls and executed them on target blockchains.
ZetaChain has already identified and blocked the attack vector. The project’s status page shows cross-chain operations as suspended. The team plans to publish a full technical report after completing its investigation.
Read also: Billions at Risk on LayerZero as KelpDAO Hack Exposes Weak Setting
Context and Market Reaction
This marks the second notable cross-chain incident in April 2026. Earlier, hackers stole approximately $293 million from the Kelp DAO protocol via a LayerZero-based bridge.
Following the news, the ZETA token fell approximately 5% to trade around $0.055.
Community reaction was mixed. Some users praised the team’s speed and transparency, while others expressed concern about cross-chain infrastructure security in general.
Related: What Is Crypto Cybersecurity? The Ultimate Guide to Protecting Digital Assets
