On April 27th, a hacker exploited a vulnerability in the GatewayEVM contract of ZetaChain’s first-level blockchain. The incident affected only the team’s internal wallets, according to the developers.
There was an attack against the ZetaChain GatewayEVM contract today that impacted the internal ZetaChain team wallets only. We’ve already blocked the attack vector so no more funds can be compromised and will be releasing a detailed post mortem after we have completed our…
— ZetaChain 🟩 (@ZetaChain) April 27, 2026
User funds were not affected. Upon discovering the attack, the project managed to prevent further asset compromise by halting cross-chain transactions.
DefiLlama estimated the damage at $300,000. The ZetaChain team did not disclose the exact amount but promised to release a detailed report soon.
Preliminary analysis by SlowMist pointed to a vulnerability in the call function of the GatewayZEVM contract. It lacks access control and input validation, allowing any user to initiate malicious cross-network calls.
🚨. @ZetaChain has been exploited. Based on initial analysis, the following outlines the root cause.
Root Cause
The core vulnerability lies in the call function of ZetaChain’s GatewayZEVM contract, which lacks both access control and input validation. This allows any arbitrary… https://t.co/U63DKIfgDZ pic.twitter.com/WbAHdiciRc— SlowMist (@SlowMist_Team) April 28, 2026
The relay picked up these calls and executed them in target networks, allowing the attacker to withdraw funds.
Following the incident, the price of the ZETA token fell by 0.6% to $0.05.
A Wave of Breaches
Simultaneously, the Singularity Finance project on the Base network was also hacked, noted cybersecurity expert Arsen.
🚨 $413K drained from Singularity Finance.
Admin set unsupported oracle fee tier, and every pool returned address(0).
Attacker flash-loaned 100k USDC, minted 99.99% of supply, redeemed for real balances. pic.twitter.com/gnM5eOvQKh
— Arsen (@arsen_bt) April 27, 2026
The platform administrator erred in settings, specifying an unsupported fee for oracles, which the hacker exploited. The attacker took a loan of 100,000 USDC on Morpho, deposited them into storage, received all tokens (99.99%) at an incorrect rate, and withdrew real funds.
The damage amounted to $413,000. At the time of publication, the Singularity team had not commented on the incident.
The SFI coin’s price fell by 0.3% to $0.005, according to CoinGecko.
Earlier, on April 26th, hackers attacked the DeFi protocol Scallop and withdrew about 150,000 SUI from the sSUI reward pool. A few days before, attackers had compromised the Volo platform.