Gravity Bridge Exploit Results in $5.4 Million Theft
Severity: High (Score: 66.0)
Sources: Cryptopolitan, beincrypto.com, coinfomania.com, Techflowpost, Cryptonews
Published: · Updated:
Keywords: bridge, gravity, suspected, exploit, security, coinfomania, suffers
Summary
On May 30, 2026, Gravity Bridge, a cross-chain bridge between Ethereum and Cosmos, was exploited, resulting in a theft of approximately $5.4 million. The attack is believed to have been facilitated by a compromised bridge contract key, allowing the hacker to drain assets including $4.3 million in USDC, 274 ETH (around $553,000), $434,000 in USDT, and 14,164 PAYG tokens valued at $64,000. Blockchain security firms PeckShield and Specter identified the incident, which highlights ongoing vulnerabilities in cross-chain infrastructure. As of the latest reports, the attacker retains about 2,102 ETH (valued at roughly $4.23 million) in their wallet, with some stolen funds already laundered through services like ChangeNow and Binance. Gravity Bridge has not yet issued an official statement regarding the incident. The exploit underscores the increasing risks associated with cross-chain bridges, which have become prime targets for cybercriminals. Key Points: • Gravity Bridge lost approximately $5.4 million due to a contract key compromise. • The stolen assets included $4.3 million in USDC and 274 ETH, among others. • The attacker is still holding around 2,102 ETH, complicating recovery efforts.
Detailed Analysis
**Impact** Approximately $5.4 million in cryptocurrency was stolen from Gravity Bridge, a cross-chain bridge connecting Ethereum and Cosmos ecosystems. The stolen assets include $4.3 million in USDC, 274 WETH (~$553,000), $434,000 in USDT, and 14,164 PAYG tokens (~$64,000). This theft represents a significant portion of the bridge’s total value locked (TVL) of approximately $6.2 million, affecting users and liquidity providers relying on this infrastructure. The incident impacts the DeFi sector, particularly cross-chain bridging services, with no geographic limitations specified. **Technical Details** The attack vector is suspected to be a compromised bridge contract key or signing path, allowing unauthorized withdrawal of funds. Two Ethereum addresses linked to the attacker are “0x7B58…a1F9” and “0x4d3c…7A47.” The attacker moved part of the stolen assets through laundering services including ChangeNow and Binance. No specific malware, CVEs, or additional tools were mentioned in the reports. **Recommended Response** Defenders should implement and enforce multi-signature controls and hardware-secured key storage for contract keys. Continuous on-chain monitoring of suspicious wallet activity and rapid flagging of addresses associated with the theft are critical. Exchanges and compliance teams should be alerted to freeze or block transactions involving the identified attacker addresses. Gravity Bridge and similar projects should review and harden operational security and emergency response procedures.
Source articles (14)
- Gravity Bridge Hit by Suspected $5.4M Exploit — Cryptonews · 2026-05-30
Gravity Bridge is facing scrutiny after blockchain security researchers reported a suspected exploit. That drained approximately $5.4 million from the cross-chain bridge on May 30. According to on-cha… - coinfomania.com — coinfomania.com · 2026-05-30
Gravity Bridge suffers a suspected $5.4M exploit on May 30, due to a contract key leak, prompting security firms to track stolen assets. Summary is AI generated, newsroom reviewed. On-chain analysts S… - Hackers drain $5.4M from Gravity's Ethereum - Cosmos bridge — Cryptopolitan · 2026-05-30
An attacker has drained approximately $5.4 million from Gravity Bridge, the cross-chain bridge connecting Ethereum and the Cosmos ecosystem, in what on-chain analysts suspect was a contract key compro… - Gravity Bridge Reportedly Attacked, Approximately $5.4 Million in Cryptocurrency Stolen — Techflowpost · 2026-05-30
TechFlow News: On May 30, according to on-chain analyst Specter’s monitoring, the cross-chain bridge Gravity Bridge appears to have suffered an attack; related contract keys may have been compromised,… - Specter: $91,000 of the stolen funds from Gravity Bridge have been frozen — Bitget · 2026-05-31
Foresight News reported, according to Specter on-chain monitoring, that with support from ChangeNOW, $91,000 of the stolen funds from the cross-chain bridge Gravity Bridge have been frozen. The attack… - Gravity Bridge Suffers $5.4M Exploit in Validator Key Security Breach — Mexc · 2026-05-31
A cross-chain bridge protocol linking Ethereum with the Cosmos network, Gravity Bridge, experienced a significant drain of approximately $5.4 million in the early hours of Saturday. According to secur… - Gravity Bridge, a Cosmos ecosystem cross-chain bridge, announced service suspension ... — Techflowpost · 2026-05-31
TechFlow reports that on May 31, Gravity Bridge—a cross-chain bridge in the Cosmos ecosystem—was reportedly attacked due to a suspected compromise of its signing keys, resulting in the theft of approx… - Of the funds stolen from Gravity Bridge, $91000 has been frozen. — Panewslab · 2026-05-31
PANews reported on May 31 that, according to on-chain analyst Specter, $91,000 of the stolen funds from the cross-chain bridge Gravity Bridge has been frozen with the support of ChangeNOW. The attacke… - Gravity Bridge Drained of $5.4M in Suspected Key Compromise — Kucoin · 2026-05-31
Gravity Bridge, a cross-chain bridge connecting Ethereum and the Cosmos ecosystem, has reportedly been drained of $5.4 million in what investigators suspect was a key compromise. The incident involved… - Cosmos-Based Gravity Bridge Goes Offline After Reported $5.4M Exploit — Mexc · 2026-05-31
Gravity Bridge, a decentralized cross-chain conduit linking Ethereum and Cosmos ecosystems, appears to have faced a substantial drain of roughly $5.4 million over the weekend. Validators paused the br… - Gravity Bridge Hack Key Compromise 5m — beincrypto.com · 2026-05-31
Attackers drained roughly $5.4 million from the Gravity Bridge Ethereum-side contract early on May 30. On-chain investigators point to a compromised signing key rather than a smart-contract flaw. The… - Gravity Bridge Pauses Operations After $5.4M Hack — Mexc · 2026-05-31
Gravity Bridge halted operations after a $5.4 million hack. Security teams are tracing funds while investigating a suspected key compromise. A major security incident has hit Gravity Bridge, a decentr… - Gravity Bridge Pauses Operations After $5.4M Hack — Mexc · 2026-05-31
Gravity Bridge halted operations after a $5.4 million hack. Security teams are tracing funds while investigating a suspected key compromise. A major security incident has hit Gravity Bridge, a decentr… - Ethereum address flagged in connection with the drain — etherscan.io · 2026-05-31
Timeline
- 2026-05-30 — Gravity Bridge exploited: An attacker compromised the bridge's contract key, draining approximately $5.4 million in assets.
- 2026-05-30 — Assets identified as stolen: The stolen assets included $4.3 million in USDC, 274 ETH, $434,000 in USDT, and 14,164 PAYG tokens.
- 2026-05-30 — Funds laundered through exchanges: A portion of the stolen funds was laundered through ChangeNow and Binance.
- 2026-05-30 — Investigation ongoing: Security researchers are monitoring the attacker's wallet activity to track fund movements and recovery opportunities.
Related entities
- Data Breach (Attack Type)
- Binance (Company)
- ChangeNOW (Company)
- Gravity Bridge (Company)
- Cosmos (Company)
- Ethereum (Company)
- coinfomania.com (Domain)
- cryptopolitan.com (Domain)
- usdt.at (Domain)
- 0x7B582033061b96cC3F9421e73a749ED7C62da1F9 (Eth)