ZetaChain Under Attack: Team Wallets Compromised in Major Exploit

Published 5 hours ago | 2 minute read
David Isong

ZetaChain, an interoperability-focused blockchain network, recently experienced a significant security exploit that resulted in the unauthorized drainage of funds directly from its internal team wallets. Despite the breach, the network's developers acted swiftly to patch the vulnerability, effectively preventing any compromise of user assets, a crucial measure that safeguarded the broader crypto community from potential losses.

According to a detailed analysis by security experts at SlowMist, the core vulnerability was traced to the call function in ZetaChain's GatewayZEVM contract. The function lacked proper access control and input validation. This omission allowed an arbitrary user to circumvent standard security restrictions, invoke cross-chain calls through the GatewayZEVM contract, and execute unauthorized operations on external blockchains.

The attacker crafted a specific, malicious call and launched it directly on ZetaChain. The call was engineered to emit a fraudulent cross-chain event. ZetaChain's relayer, the component that monitors for and facilitates legitimate cross-chain communications, picked up this event. Unaware of its true nature, the relayer automatically executed the fraudulent call on the designated destination chain, enabling the attacker to siphon funds from the internal team wallets.
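The flow described above (a gateway entry point with no checks, and a relayer that executes whatever event it observes) can be modelled as follows, with the same policy enforced at both layers. This is an added illustration, not ZetaChain's or SlowMist's code; the addresses, the selector, the policy tables and all function names are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class CrossChainEvent:
    sender: str       # account that invoked call() on the source chain
    dest_chain: int   # destination chain id
    target: str       # contract to call on the destination chain
    payload: bytes    # calldata; first 4 bytes are the function selector

# Constructed policy: which senders may originate calls, and which selectors
# each (chain, target) pair accepts. All values are made up for this example.
AUTHORIZED_SENDERS = {"0xRegisteredApp"}
ALLOWED_CALLS = {(1, "0xConnectedApp"): {bytes.fromhex("12345678")}}

def policy_violation(ev):
    """Return a reason string if the event breaks policy, else None."""
    if ev.sender not in AUTHORIZED_SENDERS:
        return "sender not authorized"            # access control
    selectors = ALLOWED_CALLS.get((ev.dest_chain, ev.target))
    if selectors is None:
        return "destination target not allowlisted"   # input validation
    if len(ev.payload) < 4 or ev.payload[:4] not in selectors:
        return "selector not allowlisted for target"  # input validation
    return None

def gateway_call_unchecked(ev):
    """The flaw as described: any caller, any input, the event is emitted."""
    return ev

def gateway_call_checked(ev):
    """Hardened entry point: reject before an event is ever emitted."""
    reason = policy_violation(ev)
    if reason:
        raise PermissionError(reason)
    return ev

def relayer_execute(ev, verify=True):
    """Relayer re-validates instead of trusting whatever was emitted."""
    reason = policy_violation(ev) if verify else None
    return ("dropped", reason) if reason else ("executed", ev.target)

# Constructed sample events.
LEGIT = CrossChainEvent("0xRegisteredApp", 1, "0xConnectedApp",
                        bytes.fromhex("12345678") + b"\x00" * 32)
ROGUE = CrossChainEvent("0xAnyone", 1, "0xTeamWallet", b"\xde\xad\xbe\xef")
```

With both checks in place, a gap in the gateway alone no longer reaches the destination chain, because the relayer drops the event.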

ZetaChain has provided assurances to its community that the damage from the exploit was strictly isolated and contained. The protocol's developers issued a statement confirming, "There was an attack against the ZetaChain GatewayEVM contract today that impacted the internal ZetaChain team wallets only." They further emphasized their rapid response, adding, "We've already blocked the attack vector so no more funds can be compromised." This swift action underscores the team's commitment to security and their effectiveness in mitigating further risks to the network and its users.
