Last updated on May 12th, 2026 at 12:45 pm
ZetaChain, an interoperability protocol, has temporarily suspended its cross-chain operations following a targeted exploit of its GatewayZEVM contract. The incident, which occurred on Tuesday, primarily affected internal team wallets with losses estimated at $300,000. On-chain security firm SlowMist quickly identified the vulnerability, noting that the attacker leveraged a critical lack of access control within the protocol’s core smart contract.
🚨. @ZetaChain has been exploited. Based on initial analysis, the following outlines the root cause.
Root Cause
The core vulnerability lies in the call function of ZetaChain’s GatewayZEVM contract, which lacks both access control and input validation. This allows any arbitrary… https://t.co/U63DKIfgDZ pic.twitter.com/WbAHdiciRc— SlowMist (@SlowMist_Team) April 28, 2026
Access control flaw triggers protocol halt
According to preliminary analysis from SlowMist, the exploit targeted the call function of the GatewayZEVM contract. This specific function lacked both input validation and restricted access permissions, essentially allowing any external address to trigger malicious cross-chain calls without authorization. This enabled the attacker to route assets toward arbitrary targets, resulting in the drainage of protocol-linked wallets.
ZetaChain’s security team acted within hours to block the attack vector and pause all cross-chain transfers to prevent further risk. While the protocol’s internal holdings were hit, official reports indicate that regular user assets and liquidity pools remain unaffected by this breach.
Security firm Blockaid has since issued a cautionary alert, advising users to revoke any active approvals for the GatewayEVM contract across networks like Ethereum, Arbitrum, and Base as a precautionary measure.
Growing concerns over Cross-Chain security
April 2026 has already become the worst period for crypto theft since early 2025, with losses exceeding $600 million in just 18 days. This surge is largely driven by bridge-related exploits, such as the $292 million KelpDAO breach earlier this month, which triggered significant liquidity crunches across the ecosystem.
The recurring pattern of missing access controls in complex smart contracts remains a primary concern for researchers. As protocols race to provide seamless interoperability, the attack surface for cross-chain infrastructure continues to expand. Analysts suggest that until security practices and auditing capacity catch up with the rapid growth of Total Value Locked (TVL), the industry may continue to face high-frequency exploits.
Enjoyed this piece? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights.
Take control of your crypto portfolio with DEFI PLANET PRO, DeFi Planet’s suite of analytical tools
