Zerion detected abnormal activity on app.zerion.io and pulled the web app offline. Blockaid has blocked the site. iOS, Android, and browser extensions remain fully safe.
Zerion flagged something unusual on its web app on April 11. The team moved fast. Within hours, app.zerion.io was offline.
The Web3 wallet platform confirmed the incident directly on X, urging users to stop using the web interface until further notice. “We’re investigating some abnormal activity on app.zerion.io,” Zerion wrote on X, adding that user funds remain safe inside self-custodial wallets. The team asked everyone to rely only on official communication from the account.
No details on the nature of the activity came immediately. The team did not confirm whether an exploit was involved or what triggered the alert.
Blockaid Steps In, Mobile Apps Stay Untouched
A second update followed. Zerion said it had proactively taken the web app down and that security firm @blockaid_ had also blocked the site as a precautionary step. “The iOS and Android Apps, Web Extension are SAFE and are not affected,” Zerion confirmed on X. The team said it is actively monitoring the situation.
The response puts Zerion among platforms that are choosing transparency and speed over waiting. This comes as crypto hacks dropped to $168 million in Q1 2026, down sharply from the year prior, though security incidents continue targeting web-based interfaces in particular.
Self-custodial architecture is the reason user funds are protected here. Because Zerion operates as a non-custodial wallet, the platform holds no private keys. Funds sit with the user. The web app going offline does not change that.
What Users Should Do Right Now
The advice from Zerion is clear. Avoid the web app entirely. Use the iOS app, the Android app, or the browser extension only. Do not interact with any links claiming to be app.zerion.io until the team confirms the platform is restored.
This pattern of a compromised frontend while underlying funds remain intact is not new. Just days ago, a fake trading firm compromised Drift Protocol through a sophisticated social engineering attack targeting the web interface and developer access. The nature of these incidents shows how web app layers often carry the most exposure in DeFi infrastructure.
Zerion said another update will come once the web app is restored. No timeline was given.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Deepfake Call Tricks Cardano Dev, Exposes New Weak Spot
A Cardano developer says a realistic AI deepfake video call led to a laptop breach, a reminder that the next wave of crypto attacks may start with faces and voices rather than smart contracts.
The warning, shared with the Cardano community, describes an incident in which an impostor used
DailyCoin6h ago
French Prosecutors Charge 88 in Crypto Wrench Attack Ring
French authorities have charged 88 individuals, including 10 minors, in connection with kidnappings and extortions targeting cryptocurrency owners, according to a statement from the National Public Prosecutor's Office for Organized Crime (PNACO) released Friday. The charges are tied to 12 ongoing
CryptoFrontier8h ago
When DeFi is too slow for young people and too risky for old money: are we all using Treasury bond interest to shoulder junk bond risk?
DeFi once attracted young people with five-figure APY rates, but it is now seen as overpriced and carrying too much risk. Over the past year, more than $1.62 billion has been stolen, and at one point Aave’s interest rate spiked to 12.4%. The fair yield is about 12.55%, with a retail entry threshold of 18%. Institutional players prefer “strategy-isolated vaults” to reduce tail risk. Conclusion: high leverage is no longer in; in the future, we’ll need higher-risk pricing and insurance tools to accommodate both young people and old money.
ChainNewsAbmedia12h ago
Robinhood Warns of Phishing Emails Sent to Some Customers
Gate News message, April 27 — Robinhood alerted users on social media that some customers received fraudulent emails last Sunday evening claiming to be from noreply@robinhood.com with the subject line "Your recent login to Robinhood."
The phishing attempt stemmed from misuse of the account
GateNews12h ago
Websea Crypto Exchange Faces Suspected Exit Scam, Withdrawal Channels Closed
Gate News message, April 27 — Crypto trading platform Websea has suspended withdrawals and closed its C2C (peer-to-peer) channels, with multiple users reporting the exchange appears to have conducted an exit scam. The platform initially restricted withdrawals before completely shutting down the C2C
GateNews13h ago
RAVE Token Surges 110x in Two Weeks, Then Crashes 98% Amid Market Manipulation Allegations
Gate News message, April 27 — RAVE, the native token of RaveDAO (a Web3-based cultural community project), skyrocketed 110x in two weeks before plummeting 98% over two days on April 19-20, prompting comparisons to the infamous 2007 Lubo stock manipulation scandal in South Korea.
On April 18, RAVE r
GateNews16h ago
