ZetaChain explotoued, vulnerability may stem from GatewayZEVM call function defect

Odaily Planet Daily reported that SlowMist stated that ZetaChain was exploited. A preliminary analysis shows that the root cause of the vulnerability lies in the lack of access control and input validation in the `call` function of the GatewayZEVM contract. Attackers could exploit this to initiate malicious cross-chain calls and execute arbitrary operations through the relay mechanism to transfer funds on the target chain.

SlowMist stated that the attacker triggered the relayer to execute malicious calls by forging cross-chain events, thereby completing the theft of funds. Currently, the relevant attack transactions have been disclosed.