Security notice: Cross-chain transactions are temporarily paused. Read more  ·  status.zetachain.com
ZetaChain
Security Incident Notice

Attack against the ZetaChain GatewayEVM contract

Earlier today an attack was carried out against the ZetaChain GatewayEVM contract that impacted internal ZetaChain team wallets only. We have already blocked the attack vector, so no more funds can be compromised, and a detailed post-mortem will follow once our investigation is complete. As a precaution, cross-chain transactions on ZetaChain are currently paused.

Investigation is still ongoing and at this time no user funds were impacted by this attack.

Posted: April 28, 2026  ·  Last updated: April 28, 2026  ·  Live status: status.zetachain.com

Out of an abundance of caution, cross-chain transactions remain temporarily paused while we complete additional verification. No user action is required, but users may use the revoke approvals tool below if they wish to remove any previously granted token allowances.

What happened

On April 28, 2026, our team detected and responded to an attack targeting the GatewayEVM contract on ZetaChain. The malicious activity was contained to internal ZetaChain team wallets. No external user wallets, validator infrastructure, or third-party application funds were affected.

We have already blocked the attack vector, which means no further funds can be compromised through this path. The investigation into the root cause is ongoing, and a detailed post-mortem will be published once the analysis is complete.

Current status

Attack vector
Blocked
Cross-chain transactions
Paused
User funds
Not impacted
Investigation
In progress

Timeline

Apr 28, 2026
Suspicious activity targeting the GatewayEVM contract is detected by ZetaChain monitoring.
Apr 28, 2026
Initial scope is identified: only internal ZetaChain team wallets are affected.
Apr 28, 2026
The attack vector is blocked. Cross-chain transactions are paused as a precaution.
Ongoing
Forensic investigation continues. A detailed post-mortem will follow.
Revoke token approvals Client-side · No backend
Wallet not connected

If you previously granted ERC-20 token allowances to a Gateway contract you wish to remove, you'll be able to revoke them here. This tool runs entirely in your browser using your own wallet — no information is sent to any server.

Always verify the official ZetaChain Gateway contract address for your network on the ZetaChain docs before approving any transaction.
Switching networks will prompt your wallet to confirm.
Paste any ERC-20 tokens you want to check. We'll show your current allowance to the spender, and let you revoke it (set to 0) with a single transaction.
How this will work: we read your wallet address from your browser provider (e.g. MetaMask), call allowance(owner, spender) on each ERC-20 token, and if you choose to revoke we send an approve(spender, 0) transaction. Nothing is ever transmitted off-chain. Always double-check the spender address before signing.

What this means for users

  • Your funds and wallets are not known to be at risk from this incident.
  • Cross-chain transactions on ZetaChain are temporarily paused; pending operations may be delayed until services resume.
  • No action is required from users at this time.
  • If you wish, you can use the Revoke approvals tool above to remove any previously granted token allowances.
  • Be cautious of phishing attempts or impersonators claiming to issue refunds, recovery tools, or "support" related to this incident. ZetaChain will never DM you for keys, seed phrases, or signatures.

Stay informed

The most up-to-date status of services and this incident is available on the official ZetaChain status page.

Track current status Official updates on X

Only trust communications coming from the official channels listed above and from zetachain.com.