Cointime

Cointime

Download App
iOS & Android
Home / Point

ZetaChain Releases Incident Analysis: Cross-Chain Messaging Vulnerability Leads to $330,000 Loss

On April 29, ZetaChain released a post-incident analysis report confirming that the attack on April 24 originated from a vulnerability in its cross-chain messaging pipeline. The attacker exploited three interconnected issues: the cross-chain system allowed for 'arbitrary calls' with minimal restrictions; the receiving GatewayEVM contract accepted most commands, including 'transferFrom'; and users had granted unlimited authorization when depositing tokens via 'GatewayEVM.deposit()' without revoking it, allowing the attacker to withdraw tokens from wallets. The attack involved nine transactions across four chains: Ethereum, Arbitrum, Base, and BSC, resulting in a total loss of $333,868 (mainly in USDC and USDT), affecting only three internal team wallets with no loss of user funds. ZetaChain stated that the attacker was not an opportunist but had invested significant time and resources in preparation, including funding the wallet through Tornado Cash three days before the attack and conducting brute-force attacks to mimic the victim's address. ZetaChain has since deployed a patch, and the cross-chain transaction feature will remain disabled until the upgrade and review are completed.

Comments

All Comments

Recommended for you

  • CFTC and SEC Seek Public Input to Clarify 'Swaps' Regulatory Definition

    On June 19, in the context of related litigation at the Chicago Mercantile Exchange (CME), the U.S. Commodity Futures Trading Commission (CFTC) and the U.S. Securities and Exchange Commission (SEC) jointly issued a public request for comments, planning to update and clarify the definitions and regulatory interpretations of certain derivative products. This inquiry covers a wide range of topics, including the definition of 'swaps', the definition of 'security-based swaps', and the delineation of the exemptions applicable to these definitions. The two agencies are also seeking public input on the regulatory treatment of new or emerging financial products, which may include event contracts on prediction market platforms and perpetual futures/perpetual contracts. CFTC Chairman Michael S. Selig stated in a press release: 'Today's joint public request for comments provides an opportunity to address the long-standing regulatory ambiguities in Title VII of the Dodd-Frank Act. These ambiguities have been hindering fair competition and responsible innovation.' According to Title VII of the Dodd-Frank Act, the CFTC has regulatory authority over swap products, except for security-based swaps. SEC Chairman Paul Atkins also noted in a statement that clarifying certain definitions has become urgent, particularly regarding the regulatory classification of event-driven products.

  • Morgan Stanley Submits Revised ETF Applications for Ethereum and SOL, Disclosing Lowest Market Fees

    On June 19, Morgan Stanley submitted revised filings for spot Ethereum and Solana ETFs, marking new progress in the review process following the approval of Bitcoin ETFs. The Wall Street investment bank filed updated S-1 registration statements for the two ETFs with the U.S. SEC on Thursday. This is the second update to the applications for the Ethereum and Solana ETFs originally submitted in January. The latest S-1 documents reveal that both ETFs will have an issuance fee rate set at 0.14%, making them the lowest fee products in the U.S. market for Ethereum and Solana ETFs. According to SoSoValue data, the current fee rate for Grayscale's mini Ethereum trust is 0.15%, the lowest in the Ethereum sector, while Franklin Templeton's Solana ETF SOEZ has a fee rate of 0.19%, the lowest in the Solana segment. The revised filings also disclose that Figment, Galaxy blockchain infrastructure company, and Canada’s Coinbase will serve as the staking service providers for the products. Morgan Stanley's upcoming ETH and SOL ETFs plan to stake a portion of their holdings to earn additional staking rewards. The documents specify that 5% of the staking earnings will be allocated as service fees for the staking service providers and custodians.

  • Fidelity Launches Money Market Fund for Stablecoin Issuers Aligned with the GENIUS Act

    On June 19, Fidelity Investments launched a new government money market fund designed as a reserve storage tool for stablecoin issuing institutions. The fund, named Fidelity Digital Reserve Fund (Ticker: FYMXX), aims to achieve current income while ensuring principal safety and maintaining high liquidity, as stated in its prospectus. The fund shares are exclusively available to institutional investors, including various stablecoin issuers, and the product was officially established on June 15. The prospectus specifies: 'The fund shares are expected to be primarily held by one or more stablecoin issuers as part or all of their reserve assets for issuing stablecoins to users.' This new fund will only invest in compliant reserve assets permitted for stablecoin issuers under the GENIUS Act, including U.S. Treasury bills, medium-term notes, long-term government bonds, cash, overnight repurchase agreements, and other government money market funds that meet stablecoin regulatory requirements. The minimum initial subscription amount for the fund is set at $1 million, although the fund company can independently decide to waive or reduce this threshold. The product aims to maintain a stable net asset value of $1 per share, with an annual management fee rate of 0.25%.

  • BTC Falls Below $63,000

    Market data shows that BTC has fallen below $63,000, currently priced at $62,967.9, with a 24-hour decline of 3.7%. The market is experiencing significant volatility, so please ensure proper risk management.

  • ETH Falls Below $1700

    Market data shows that ETH has fallen below $1700, currently priced at $1699.82, with a 24-hour decline of 3.79%. The market is experiencing significant volatility, so please ensure proper risk management.

  • Oaktree Capital Founder: Cautionary Investors May Miss Historic Investment Opportunities

    On June 18, Howard Marks, co-founder of Oaktree Capital, discussed whether the current market is experiencing 'irrational exuberance' and the opportunities and risks under the AI investment boom in a recent podcast. He noted that the current market can be described using Alan Greenspan's words from 30 years ago; we are in a 'boom,' but no one can definitively say whether it is 'irrational.' Using SpaceX's impending IPO with a valuation of nearly $2 trillion as an example, he stated that deciding whether to participate and at what price is purely a matter of 'guessing,' and cannot be calculated like traditional value investing. Howard mentioned his favorite saying: 'Cautious individuals struggle to achieve great things.' He pointed out a current investment dilemma: investing in tech giants may lead to significant mistakes, but it can also yield remarkable successes. Those who hesitate out of fear of risk may miss out on the greatest investment opportunity in human history. In contrast, investors in traditional industries such as transportation, retail distribution, and real estate are unlikely to make catastrophic investment errors, but they also cannot seize the monumental benefits of this transformative era. In terms of valuation, Howard provided a key reference: the current price-to-earnings ratio of the S&P 500 is about 23 times, which is approximately 50% higher than the 80-year average of 16 times, but far lower than the 32 times during the 2000 internet bubble and below the 60 to 90 times level of the 'Nifty Fifty' era, indicating that overall it is 'high but not out of control.' Regarding AI investments, he proposed a three-tiered investment strategy: investing in large-scale tech companies is a low-risk approach due to their established business and cash flow; investing in vertical AI companies like Anthropic and OpenAI carries higher risks but also a higher probability of survival; while investing in early-stage startups is akin to gambling, where most will lose everything, but a few will become extremely wealthy. He advised investors to choose where they want to invest on the risk spectrum, mix different positions along the spectrum, and then determine what proportion these companies should represent in their overall investment portfolio.

  • Ethereum Foundation Co-Executive Director Hsiao-Wei Wang Announces Resignation

    Hsiao-Wei Wang, Co-Executive Director of the Ethereum Foundation, issued a statement announcing her decision to formally resign from her positions as Co-Executive Director and board member of the Ethereum Foundation, effective immediately after her leave. Wang stated that her time off allowed her to reassess her personal priorities and future plans, leading her to step back at this juncture and dedicate more time to her family and personal life. In her statement, Wang reflected on her contributions to the Ethereum ecosystem over the past decade, emphasizing that the true strength of Ethereum comes from the decentralized infrastructure maintained by global developers, researchers, validators, node operators, and community builders, rather than any single role or organization. She noted that although she is leaving the foundation's management, she will continue to support ecosystem development as a community member. Vitalik Buterin subsequently expressed his gratitude, stating that Wang has been one of the most steadfast contributors to the Ethereum ecosystem over the past ten years, not only advancing research and consensus mechanisms but also establishing an active local community in Taipei, Taiwan. Vitalik remarked that during a critical transformation period for Ethereum, Wang took on the foundation's most challenging management responsibilities and completed her mission with a high degree of professionalism and prudence.

  • Accenture Plummets Over 17%, Dragging Down IT Services Sector

    On June 18, the IT services sector declined, with Accenture dropping over 17%. Wipro and Cognizant fell nearly 8%, IBM decreased by 6.6%, Infosys dropped by 5.7%, and Global Data fell by over 3%. In news, Accenture reported an unexpected 2% decline in third-quarter orders, indicating that the industry continues to face fundamental uncertainties amid the 'AI disruption' superstorm led by AI application leader Anthropic. The company expects fourth-quarter revenue to be in the range of $17.75 billion to $18.4 billion, below the analyst consensus estimate of approximately $18.47 billion.

  • SanDisk Soars 11% to Set New All-Time High, Up 814% Year-to-Date

    On June 18, SanDisk (SNDK.US) saw its stock price increase by 11%, reaching $2,175 per share, setting a new all-time high. The total market capitalization surpassed $320 billion, marking an impressive year-to-date increase of 814%.

  • SpaceX Drops Nearly 8%, Marking Second Consecutive Day of Decline

    On June 18, SpaceX experienced a decline for the second consecutive day, with intraday losses nearing 8%, bringing its price down to $176.6. Dan Taylor from Invesco commented that SpaceX's valuation does not reflect the overall health of the AI sector. The stock performance of the rocket company appears to be more of a bet on CEO Elon Musk rather than an AI narrative. Taylor stated that the company is unlikely to achieve Musk's $1 trillion revenue target before 2030, but his previous entrepreneurial ventures indicate that investor confidence in him is not lacking, which should be a supportive factor for SpaceX.

Daily Must-Read

Popular Activities

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

April 30 - April 30
Dubai

Popular Tags

Cointime
News
Contents
RSS
Company