Hyperbridge Exploit Mints 1B DOT Tokens in Attack, CertiK Reports
CMC Crypto News


A hacker has exploited Hyperbridge, a cross-chain interoperability protocol built on Polkadot, minting 1 billion bridged DOT tokens in a single transaction on Ethereum and walking away with approximately $237,000 in proceeds.

Cybersecurity platform CertiK confirmed the attack using blockchain data, saying the hacker inserted a forged message to seize admin control of the Polkadot token contract on Ethereum. The attacker then minted the tokens, though limited liquidity in the bridged DOT pool capped the haul at 108.2 Ethereum.

The exploit affected only DOT bridged through Hyperbridge on Ethereum. Native DOT tokens and the broader Polkadot ecosystem were not impacted, the project confirmed in a post on X.

Hyperbridge paused operations following the attack while its team worked on an upgrade. Contributor Web3 Philosopher said the initial diagnosis pointed to a malicious proof that fooled the protocol's Merkle tree verifier.

Blockchain security firm Blocksec Falcon identified the likely root cause as a Merkle Mountain Range proof replay vulnerability caused by missing proof-to-request binding, though the protocol had not confirmed a final root cause at the time of writing.
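The bug class Blocksec Falcon names, a valid inclusion proof accepted without being tied to the request that gets executed, can be shown with a small verifier. This is an added example, not Hyperbridge's code: it uses a plain binary Merkle tree instead of a Merkle Mountain Range, and the function names, hashing scheme and sample requests are constructed for illustration.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def leaf_hash(request: bytes) -> bytes:
    return h(b"\x00", request)          # domain-separated leaf

def node_hash(left: bytes, right: bytes) -> bytes:
    return h(b"\x01", left, right)      # domain-separated inner node

def build_proof(leaves, index):
    """Return (root, proof); proof is a list of (sibling, sibling_is_left)."""
    level, proof = list(leaves), []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])     # duplicate last node on odd levels
        sib = index ^ 1
        proof.append((level[sib], sib < index))
        level = [node_hash(level[i], level[i + 1])
                 for i in range(0, len(level), 2)]
        index //= 2
    return level[0], proof

def root_from(leaf: bytes, proof) -> bytes:
    acc = leaf
    for sibling, is_left in proof:
        acc = node_hash(sibling, acc) if is_left else node_hash(acc, sibling)
    return acc

def verify_unbound(root, proven_leaf, proof, request) -> bool:
    # Flawed: proves that *some* leaf is in the tree, but `request`
    # (the message that will be executed) never enters the check.
    return root_from(proven_leaf, proof) == root

def verify_bound(root, proof, request) -> bool:
    # Hardened: the leaf is recomputed from the request being executed,
    # so a proof for one request cannot authorise a different one.
    return root_from(leaf_hash(request), proof) == root

# Constructed sample data, not taken from the incident.
REQUESTS = [b"transfer:alice:10", b"transfer:bob:5", b"transfer:carol:7"]
LEAVES = [leaf_hash(r) for r in REQUESTS]
ROOT, PROOF = build_proof(LEAVES, 1)
UNRELATED_REQUEST = b"change-admin:placeholder"

if __name__ == "__main__":
    print("unbound accepts unrelated request:",
          verify_unbound(ROOT, LEAVES[1], PROOF, UNRELATED_REQUEST))
    print("bound accepts unrelated request:  ",
          verify_bound(ROOT, PROOF, UNRELATED_REQUEST))
```

A regression test for a bridge verifier should include exactly this case: a proof that is valid for one committed request, submitted alongside a different request, must be rejected.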

The incident carries added weight because Hyperbridge has marketed itself specifically as a proof-based interoperability layer offering full node security for cross-chain bridges. The attack puts that claim under scrutiny.

The broader security picture remains mixed. Hackers stole more than $168 million from 34 DeFi protocols in the first quarter of 2026, a sharp drop from the $1.58 billion taken in the same period of 2025. On Sunday, data indexing protocol SubQuery Network was also exploited for around $130,000 due to missing access control data.

Security auditor Pashov said in a post on X that the SubQuery vulnerability allowed the attacker to set his own contract as the withdrawal target for staking rewards. The exposed code had been written more than two years ago.
