--- title: "ZetaChain Pauses Mainnet Cross-Chain Transactions After Attack On GatewayEVM Contract Sparks Fresh Bridge Security Fears" type: "News" locale: "en" url: "https://longbridge.com/en/news/284313548.md" description: "ZetaChain has paused cross-chain transactions on its mainnet following an attack on its GatewayEVM contract, which affected internal team wallets but not user funds. The network is investigating the incident, which has raised concerns about bridge security in the DeFi space. Initial estimates suggest losses of around $300,000, although ZetaChain has not confirmed this figure. The attack comes amid a surge in crypto-related exploits, with over $606 million lost in April 2026 alone, highlighting vulnerabilities in cross-chain bridges." datetime: "2026-04-28T05:01:43.000Z" locales: - [zh-CN](https://longbridge.com/zh-CN/news/284313548.md) - [en](https://longbridge.com/en/news/284313548.md) - [zh-HK](https://longbridge.com/zh-HK/news/284313548.md) --- # ZetaChain Pauses Mainnet Cross-Chain Transactions After Attack On GatewayEVM Contract Sparks Fresh Bridge Security Fears Cross-chain activity on ZetaChain came to a sudden halt after a security incident hit its GatewayEVM contract, forcing the network to pause transfers while teams worked to contain the issue and assess potential exposure. ## Cross-Chain Pause After Contract Attack Raised Alarm ZetaChain confirmed that an attack targeted its GatewayEVM contract, prompting an immediate suspension of cross-chain transactions on its mainnet. The team said the issue affected internal wallets only, not user deposits or funds. In a public update on X, it stated: > “There was an attack against the ZetaChain GatewayEVM contract today that impacted the internal ZetaChain team wallets only. We’ve already blocked the attack vector so no more funds can be compromised and will be releasing a detailed post mortem after we have completed our investigation.” As a precaution, the network paused cross-chain activity while engineers moved to patch the vulnerability and review the system. > There was an attack against the ZetaChain GatewayEVM contract today that impacted the internal ZetaChain team wallets only. We've already blocked the attack vector so no more funds can be compromised and will be releasing a detailed post mortem after we have completed our… > > — ZetaChain 🟩 (@ZetaChain) April 27, 2026 ## Internal Wallets Hit But Were Users Exposed? ZetaChain maintained that no user funds were impacted during the incident, despite early social media warnings suggesting a broader exploit. The project added: > “As a precaution cross-chain transactions are currently paused on ZetaChain. Investigation is still ongoing and at this time no user funds were impacted by this attack.” However, uncertainty spread quickly after a warning circulated on crypto channels claiming the bridge had been exploited, triggering calls for users to move assets. The lack of an immediate full breakdown added to market concern, a common pattern in bridge-related incidents where information often lags behind speculation. ## What Is The GatewayEVM Contract? The compromised component, GatewayEVM, acts as the entry point for cross-chain activity between ZetaChain and external EVM-compatible networks such as Ethereum and Polygon. It works alongside other core components including ERC20Custody, which holds tokens bridged into the network, and ZetaConnector, which manages token flows tied to ZETA across connected chains. In simple terms, it is one of the main pathways used when assets or messages move between blockchains, making it a high-value target in interoperability networks. > 🚨. @ZetaChain has been exploited. Based on initial analysis, the following outlines the root cause. > > Root Cause > The core vulnerability lies in the call function of ZetaChain's GatewayZEVM contract, which lacks both access control and input validation. This allows any arbitrary… https://t.co/U63DKIfgDZpic.twitter.com/WbAHdiciRc > > — SlowMist (@SlowMist\_Team) April 28, 2026 ## Network Status Shows Systems Running But Transfers Frozen Despite the incident, ZetaChain’s infrastructure remained largely operational. Its status page showed all 11 mainnet components and testnet systems running at full uptime. Only cross-chain transactions were disabled, with the incident listed as “identified” and “ongoing” for several hours while engineers confirmed the attack vector and prepared a fix. At the time of reporting, the pause had lasted around nine hours since detection, with the team indicating a patch was being prepared. ## How Much Was Lost In The Attack? While ZetaChain has not confirmed exact figures, blockchain data cited by DefiLlama estimated losses of around $300,000. > NEW: @ZetaChain has reportedly been exploited, with at least $300K drained so far. pic.twitter.com/KcAaB1iOqD > > — SolanaFloor (@SolanaFloor) April 27, 2026 The project has not publicly validated this figure and has said a detailed post-mortem will follow once the investigation concludes. ZETA, the network’s token, holds a market capitalisation of roughly $73.3 million, with about 1.36 billion tokens in circulation out of a total supply of 2.1 billion. ## Why Bridge Security Is Under Pressure Again The incident lands during a turbulent period for decentralised finance, with April 2026 already recording one of the highest levels of crypto-related exploits in recent years. Earlier this month, the Kelp DAO cross-chain exploit drained about $292 million, an incident later linked by multiple cybersecurity firms to the Lazarus Group. > Kelp DAO lost about $294M in a @LayerZero\_Core bridge exploit.$ZRO dropped from $2 to $1.4, and a whale holding a $ZRO long on #HyperLiquid got partially liquidated, losing $2.88M. > > The whale is still holding the position with a floating loss of over $750K. Overall, the whale… https://t.co/psD7U02563pic.twitter.com/1k7O4LJprw > > — Onchain Lens (@OnchainLens) April 19, 2026 That attack alone triggered wider stress across DeFi, including heavy exposure risks on lending platforms such as Aave. In response, an industry coalition named “DeFi United” began raising funds to cover losses, with contributions from major ecosystem players and founders helping push recovery efforts past $160 million. > defiunited.eth is now open for contributions. All contributions are going towards DeFi United relief efforts to restore rsETH and safe DeFi.https://t.co/gdkGe5pi0ehttps://t.co/lOlsI3SmVH > > — Stani (@StaniKulechov) April 24, 2026 Across the month, more than $606 million has been lost across 12 separate incidents, according to DefiLlama data, with cross-chain bridges continuing to represent one of the most targeted attack surfaces in the sector. ## Cross-Chain Design Remains A Persistent Weak Point This latest ZetaChain incident adds to a long list of bridge and interoperability exploits in crypto history, including Ronin, Wormhole, and Nomad, each of which resulted in large-scale losses. The repeated pattern has kept pressure on developers to strengthen verification systems, improve audit standards, and introduce safer withdrawal and transfer mechanisms for cross-chain liquidity. ZetaChain has said it will publish a full post-mortem once its investigation is complete, while cross-chain services remain paused pending final confirmation of system integrity. ### Related Stocks - [ZNB.US](https://longbridge.com/en/quote/ZNB.US.md) ## Related News & Research - [Is Affirm stock an undervalued stock to buy?](https://longbridge.com/en/news/286826167.md) - [Honest Invites Women to Get Honest About “Down There” Conversations and Provides Solution | HNST Stock News](https://longbridge.com/en/news/286930270.md) - [Trump’s $750M stock trades raise conflict concerns](https://longbridge.com/en/news/286503385.md) - [08:45 ETThe Jed Foundation (JED) Publishes New Report on Mental Health Challenges Among Boys and Young Men](https://longbridge.com/en/news/286915417.md) - [Atria Investments Inc Sells 24,953 Shares of PayPal Holdings, Inc. $PYPL](https://longbridge.com/en/news/286730507.md)