Key Highlights
- Hyperbridge exploit drained ~$237K after a Token Gateway verification flaw allowed forged proofs on Ethereum.
- Attackers minted excess bridged tokens and quickly sold them on DEXs after bypassing validation checks.
- The impact was limited to bridged DOT tokens, with operations paused as fixes and investigations continue.
Hyperbridge, a system that allows open and unrestricted transactions, announced that a security flaw caused approximately $237,000 in losses on the Ethereum network when someone took advantage of its Token Gateway.
The team announced on X (formerly Twitter) on Monday that they stopped all temporary fixes as soon as they noticed a problem, and they are currently investigating what happened.
Important Security Notice: A weakness in Hyperbridge’s Token Gateway was used by an attacker on April 13, 2026, causing losses of around $237,000 in Ethereum. We stopped all bridging activity as soon as we discovered the problem, and this is an update on…
— Hyperbridge (@hyperbridge) April 13, 2026
Attack enabled by proof verification flaw
The security flaw stemmed from a problem in the way the system checked proofs. It was found in the code that validated Merkle Mountain Range (MMR) proofs within a smart contract.
BlockSec’s security research revealed a flaw in how the system checked incoming information. This allowed attackers to send fake data that the system mistakenly believed was legitimate. Consequently, the system processed a harmful message.
Unauthorized minting and rapid sell-off
The attacker managed to get around security measures and take control of the token contract, allowing them to create a large number of fake assets.
Around 1 billion fake DOT tokens were generated, significantly more than the actual number in circulation. The person responsible then sold these tokens on decentralized exchanges, profiting from the situation before the problem could be fully resolved.
Impact limited to bridged assets
The team reports that the issue only affected DOT tokens moved to Ethereum. Everything else within the Polkadot network remained safe and unaffected.
The security issue didn’t affect the core security of the bridge itself. It works by verifying information on the blockchain, not by relying on approvals from specific people or groups.
Broader risks in bridge infrastructure
Cross-chain bridges are often hacked, but usually because of mistakes in how they’re built, not because of fundamental design problems. Hyperbridge tried to make things safer by using cryptography to verify transactions, but the recent hack proves that even small errors during operation can still create weaknesses.
The problem wasn’t with the main system that connects things, but with a lack of checks to make sure the information was correct before processing.
Response and next steps
Hyperbridge is collaborating with security experts to try and recover stolen funds. Bridging services are temporarily suspended while they work on solutions and thoroughly test them.
The team hasn’t said when operations will restart, but they’ll share more information as they continue to investigate the situation.
Read More
- ETH PREDICTION. ETH cryptocurrency
- Gold Rate Forecast
- Brent Oil Forecast
- EUR PHP PREDICTION
- Gears A-Turning in Crypto: Trump Kin’s Wild SEI Gamble Unveiled!
- Silver Rate Forecast
- FET PREDICTION. FET cryptocurrency
- You’ll Never Guess What Ethereum Did After Jumping Over $2,700 🚀 (Hint: Not Ballet)
- YZi Labs: Predictfun’s the Future (or Why 2026 Will Be Full of Broke People)
- Drift Protocol’s Multisig Meltdown: A Tale of Compromised Signers!
2026-04-13 17:09