Hyperbridge Exploited for $237,000, Reigniting Blockchain Bridge Security Concerns

A significant security breach has targeted Hyperbridge, a cross-chain interoperability protocol built on the Polkadot network, resulting in a loss of approximately $237,000 and amplifying existing concerns surrounding the security of blockchain bridge infrastructure. The attack, which saw an unauthorized minting of 1 billion bridged Polkadot (DOT) tokens in a single transaction on the Hyperbridge platform, highlights the persistent vulnerabilities within the decentralized finance (DeFi) ecosystem.

According to blockchain data provided by cybersecurity platform CertiK, the exploit specifically impacted DOT tokens that had been bridged to the Ethereum network via Hyperbridge. Crucially, native DOT tokens and the broader Polkadot ecosystem remained unaffected by this incident. Polkadot confirmed this in a statement posted on X (formerly Twitter) on Monday, reassuring users that the integrity of the core network was not compromised.

CertiK elaborated on the attack vector, stating that the hacker successfully "slipped through a forged message to change the admin of Polkadot token contract on Ethereum." This manipulation allowed the attacker to mint a substantial amount of bridged DOT. However, the financial gains were limited by the relatively low liquidity present in the bridged DOT pool on Ethereum, capping the hacker’s profits at 108.2 Ether (ETH), which equates to roughly $237,000 at the time of the exploit.

In response to the security incident, Hyperbridge has temporarily paused its operations. The development team is reportedly working on an upgrade to address the vulnerability. A contributor to Hyperbridge, known as Web3 Philosopher, indicated that the initial assessment pointed towards a malicious proof that successfully deceived the protocol’s Merkle tree verifier.

This exploit is particularly noteworthy given Hyperbridge’s self-proclaimed security posture. The protocol has been marketed as a proof-based interoperability layer designed to offer "full node security" for cross-chain bridges. The incident also occurs in the wake of a separate bridge exploit disclosed by Aethir just last week, where user losses were contained to under $90,000, underscoring a growing trend of security challenges in the cross-chain communication space.

Cybersecurity research firm Blocksec Falcon suggested that a potential root cause of the Hyperbridge exploit could be a vulnerability related to Merkle Mountain Range (MMR) proof replay. They attributed this to a missing proof-to-request binding, although the definitive root cause has not yet been officially confirmed by the Hyperbridge protocol.

The price of the native DOT token experienced a brief dip, reaching a daily low of $1.16 on Monday. However, it subsequently recovered and was trading above $1.19 at the time of reporting, according to data from CoinGecko. The visual representations of DOT/USD price movements over a 24-hour period illustrate this volatility.

The Hyperbridge incident is not an isolated event in the recent crypto security landscape. On Sunday, the data indexing protocol SubQuery Network also fell victim to an exploit, resulting in a loss of approximately $130,000. This breach was attributed to missing access control data, which exposed code that had been in place for over two years. According to Pashov, a blockchain security auditor, this vulnerability allowed the attacker to reroute staking rewards to their own contract.

These ongoing security incidents persist despite a notable year-over-year decrease in overall DeFi exploit losses. Data indicates that hackers stole over $168 million from 34 decentralized finance (DeFi) protocols in the first quarter of 2026. This figure represents a significant reduction compared to the $1.58 billion stolen in the first quarter of 2025, a period marked by the record-breaking $1.4 billion Bybit hack.

Cointelegraph has reached out to Hyperbridge for further comment regarding the specific root cause of the exploit and their ongoing remediation efforts.

The broader context of cybersecurity in the crypto space is further highlighted by reports of new AI cybercrime tools targeting crypto and bank KYC systems through deepfakes, and the ongoing work of on-chain crypto detectives who are playing an increasingly vital role in combating digital crime.

Cointelegraph remains committed to delivering independent and transparent journalism, adhering to its Editorial Policy to ensure accurate and timely reporting. Readers are encouraged to conduct their own independent verification of information.