Back

Gravity Bridge Exploit Results in $5.4 Million Theft

Severity: High (Score: 66.0)

Sources: Cryptonews, Techflowpost, Cryptopolitan, coinfomania.com

Published: 2026-05-30 · Updated: 2026-05-31

Keywords: bridge, gravity, suspected, exploit, security, coinfomania, suffers

Summary

On May 30, 2026, Gravity Bridge, a cross-chain bridge between Ethereum and Cosmos, was exploited, resulting in a theft of approximately $5.4 million. The attack is believed to have been facilitated by a compromised bridge contract key, allowing the hacker to drain assets including $4.3 million in USDC, 274 ETH (around $553,000), $434,000 in USDT, and 14,164 PAYG tokens valued at $64,000. Blockchain security firms PeckShield and Specter identified the incident, which highlights ongoing vulnerabilities in cross-chain infrastructure. As of the latest reports, the attacker retains about 2,102 ETH (valued at roughly $4.23 million) in their wallet, with some stolen funds already laundered through services like ChangeNow and Binance. Gravity Bridge has not yet issued an official statement regarding the incident. The exploit underscores the increasing risks associated with cross-chain bridges, which have become prime targets for cybercriminals. Key Points: • Gravity Bridge lost approximately $5.4 million due to a contract key compromise. • The stolen assets included $4.3 million in USDC and 274 ETH, among others. • The attacker is still holding around 2,102 ETH, complicating recovery efforts.

Detailed Analysis

**Impact** Approximately $5.4 million in cryptocurrency was stolen from Gravity Bridge, a cross-chain bridge connecting Ethereum and Cosmos ecosystems. The stolen assets include $4.3 million in USDC, 274 WETH (~$553,000), $434,000 in USDT, and 14,164 PAYG tokens (~$64,000). This theft represents a significant portion of the bridge’s total value locked (TVL) of approximately $6.2 million, affecting users and liquidity providers relying on this infrastructure. The incident impacts the DeFi sector, particularly cross-chain bridging services, with no geographic limitations specified. **Technical Details** The attack vector is suspected to be a compromised bridge contract key or signing path, allowing unauthorized withdrawal of funds. Two Ethereum addresses linked to the attacker are “0x7B58…a1F9” and “0x4d3c…7A47.” The attacker moved part of the stolen assets through laundering services including ChangeNow and Binance. No specific malware, CVEs, or additional tools were mentioned in the reports. **Recommended Response** Defenders should implement and enforce multi-signature controls and hardware-secured key storage for contract keys. Continuous on-chain monitoring of suspicious wallet activity and rapid flagging of addresses associated with the theft are critical. Exchanges and compliance teams should be alerted to freeze or block transactions involving the identified attacker addresses. Gravity Bridge and similar projects should review and harden operational security and emergency response procedures.

Source articles (4)

  • Gravity Bridge Hit by Suspected $5.4M Exploit — Cryptonews · 2026-05-30
    Gravity Bridge is facing scrutiny after blockchain security researchers reported a suspected exploit. That drained approximately $5.4 million from the cross-chain bridge on May 30. According to on-cha…
  • coinfomania.com — coinfomania.com · 2026-05-30
    Gravity Bridge suffers a suspected $5.4M exploit on May 30, due to a contract key leak, prompting security firms to track stolen assets. Summary is AI generated, newsroom reviewed. On-chain analysts S…
  • Hackers drain $5.4M from Gravity's Ethereum - Cosmos bridge — Cryptopolitan · 2026-05-30
    An attacker has drained approximately $5.4 million from Gravity Bridge, the cross-chain bridge connecting Ethereum and the Cosmos ecosystem, in what on-chain analysts suspect was a contract key compro…
  • Gravity Bridge Reportedly Attacked, Approximately $5.4 Million in Cryptocurrency Stolen — Techflowpost · 2026-05-30
    TechFlow News: On May 30, according to on-chain analyst Specter’s monitoring, the cross-chain bridge Gravity Bridge appears to have suffered an attack; related contract keys may have been compromised,…

Timeline

  • 2026-05-30 — Gravity Bridge exploited: An attacker compromised the bridge's contract key, draining approximately $5.4 million in assets.
  • 2026-05-30 — Assets identified as stolen: The stolen assets included $4.3 million in USDC, 274 ETH, $434,000 in USDT, and 14,164 PAYG tokens.
  • 2026-05-30 — Funds laundered through exchanges: A portion of the stolen funds was laundered through ChangeNow and Binance.
  • 2026-05-30 — Investigation ongoing: Security researchers are monitoring the attacker's wallet activity to track fund movements and recovery opportunities.

Related entities

  • Data Breach (Attack Type)
  • Binance (Company)
  • ChangeNOW (Company)
  • Gravity Bridge (Company)
  • Cosmos (Company)
  • Ethereum (Company)
  • coinfomania.com (Domain)
  • cryptopolitan.com (Domain)
  • usdt.at (Domain)
  • 0x7B582033061b96cC3F9421e73a749ED7C62da1F9 (Eth)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed