Hyperbridge attacker mints 1B bridged Polkadot tokens in $237K exploit
A Hyperbridge exploit let an attacker mint 1 billion bridged Polkadot tokens on Ethereum and cash out about $237,000, reviving debate over bridge security.
A hacker exploited the Polkadot-based cross-chain interoperability protocol Hyperbridge, netting about $237,000 and raising renewed security concerns about blockchain bridge infrastructure.
An attacker minted 1 billion bridged Polkadot (DOT) tokens in a single transaction on Hyperbridge, according to blockchain data shared by cybersecurity platform CertiK. The exploit only affected DOT on Ethereum that was bridged through Hyperbridge, while native DOT tokens and the wider Polkadot ecosystem remain unaffected, Polkadot noted in a Monday X post.
CertiK said the attacker managed to mint the tokens after “slipping through a forged message to change the admin of the Polkadot token contract on Ethereum.” Limited liquidity in the bridged DOT pool capped the proceeds at 108.2 Ether (ETH), worth around $237,000.