Zilliqa CEO resigns two months after security breach
Zilliqa has announced the resignation of CEO Matt Dyer, just two months after the blockchain platform suffered a security breach affecting its cross-chain bridge.
In a statement posted on X, the company confirmed Dyer “has stepped down from his role as Chief Executive Officer of Zilliqa Technology.”
Zilliqa hasn’t announced a new CEO
With Dyer’s resignation, Zilliqa has opted not to immediately name a permanent replacement CEO. Instead, the company stated that “internal leadership will oversee daily operations.” They described this as an “interim period” focused on the migration to Zilliqa 2.0, the platform’s major upcoming upgrade.
Zilliqa announces with regret that Matt Dyer has stepped down from his role as Chief Executive Officer of Zilliqa Technology. We extend our gratitude for his contributions and wish him success in his future endeavours.
During this interim period, internal leadership will oversee…
— Zilliqa (@zilliqa) April 8, 2025
According to the company’s statement, a “long-term strategy for the company’s leadership” will be implemented following the completion of its 2.0 migration. This suggests the organization may be prioritizing technical development over executive recruitment in the immediate term.
The technical team will continue to operate under the leadership of Zoltan Fazekas. He was specifically mentioned in the announcement as overseeing the protocol development efforts. The leadership change comes at a time when Zilliqa attempts to rebuild user trust following the security incident.
February X-bridge exploit details
On 6 February 2025, Zilliqa’s X-Bridge framework was compromised by a security attack that took advantage of a bug in one of its token manager contracts. The bug enabled an attacker to produce unauthorized Zilliqa-bridged versions of Ethereum (zETH) and Binance Smart Chain (zBNB) tokens without locking up corresponding assets on their home networks.
The exploit extracted a total of 531 zETH and 2.2133 zBNB tokens. Having created such tokens, the attacker bridged a portion to respective native blockchains and then swapped others on ZilSwap, the project’s decentralized exchange. Through these operations, the attacker obtained around $42,000 of USDT along with 0.0718 zWBTC.
As the incident happened, Dyer shared several urgent alerts on X. He cautioned users from interacting with the X-Bridge protocol or trading any zETH via ZilSwap. In his messages, he stressed the gravity of the situation, announcing, “This is a difficult time, but our team is working to resolve the situation,” and referring users to official channels for information.
Dyer, who had been actively posting about the breach on social media at the time of the incident, has not shared a post since February when the exploit took place.
Zilliqa’s response to the exploit
As an immediate precaution, Zilliqa’s technical team shut down the bridge relayer and paused the affected token manager contracts to prevent further unauthorized minting. The team also coordinated with Switcheo, the operator of ZilSwap, to disable all zETH pools to limit the attacker’s ability to liquidate the fraudulent tokens.
In the days following the breach, Zilliqa deployed new contracts for both zETH and zBNB. These new implementations retained legitimate balances as of specific blockchain snapshots (block 4465720 for zETH and block 4474090 for zBNB). This removed the invalid tokens associated with the attacker from circulation.
Users who had purchased or transacted zETH or zBNB after the exploit were provided with a support window. Throughout the incident response period, Dyer was publicly visible in managing communications. He repeatedly urged users to take caution and follow official guidance.
Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More
Read More
Stablecoins are surpassing Visa—here’s what comes next
Zilliqa CEO resigns two months after security breach
Zilliqa has announced the resignation of CEO Matt Dyer, just two months after the blockchain platform suffered a security breach affecting its cross-chain bridge.
In a statement posted on X, the company confirmed Dyer “has stepped down from his role as Chief Executive Officer of Zilliqa Technology.”
Zilliqa hasn’t announced a new CEO
With Dyer’s resignation, Zilliqa has opted not to immediately name a permanent replacement CEO. Instead, the company stated that “internal leadership will oversee daily operations.” They described this as an “interim period” focused on the migration to Zilliqa 2.0, the platform’s major upcoming upgrade.
Zilliqa announces with regret that Matt Dyer has stepped down from his role as Chief Executive Officer of Zilliqa Technology. We extend our gratitude for his contributions and wish him success in his future endeavours.
During this interim period, internal leadership will oversee…
— Zilliqa (@zilliqa) April 8, 2025
According to the company’s statement, a “long-term strategy for the company’s leadership” will be implemented following the completion of its 2.0 migration. This suggests the organization may be prioritizing technical development over executive recruitment in the immediate term.
The technical team will continue to operate under the leadership of Zoltan Fazekas. He was specifically mentioned in the announcement as overseeing the protocol development efforts. The leadership change comes at a time when Zilliqa attempts to rebuild user trust following the security incident.
February X-bridge exploit details
On 6 February 2025, Zilliqa’s X-Bridge framework was compromised by a security attack that took advantage of a bug in one of its token manager contracts. The bug enabled an attacker to produce unauthorized Zilliqa-bridged versions of Ethereum (zETH) and Binance Smart Chain (zBNB) tokens without locking up corresponding assets on their home networks.
The exploit extracted a total of 531 zETH and 2.2133 zBNB tokens. Having created such tokens, the attacker bridged a portion to respective native blockchains and then swapped others on ZilSwap, the project’s decentralized exchange. Through these operations, the attacker obtained around $42,000 of USDT along with 0.0718 zWBTC.
As the incident happened, Dyer shared several urgent alerts on X. He cautioned users from interacting with the X-Bridge protocol or trading any zETH via ZilSwap. In his messages, he stressed the gravity of the situation, announcing, “This is a difficult time, but our team is working to resolve the situation,” and referring users to official channels for information.
Dyer, who had been actively posting about the breach on social media at the time of the incident, has not shared a post since February when the exploit took place.
Zilliqa’s response to the exploit
As an immediate precaution, Zilliqa’s technical team shut down the bridge relayer and paused the affected token manager contracts to prevent further unauthorized minting. The team also coordinated with Switcheo, the operator of ZilSwap, to disable all zETH pools to limit the attacker’s ability to liquidate the fraudulent tokens.
In the days following the breach, Zilliqa deployed new contracts for both zETH and zBNB. These new implementations retained legitimate balances as of specific blockchain snapshots (block 4465720 for zETH and block 4474090 for zBNB). This removed the invalid tokens associated with the attacker from circulation.
Users who had purchased or transacted zETH or zBNB after the exploit were provided with a support window. Throughout the incident response period, Dyer was publicly visible in managing communications. He repeatedly urged users to take caution and follow official guidance.
Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More
Read More