Back

Polkadot Hyperbridge Exploit Leads to Unauthorized Minting of 1 Billion DOT Tokens

Severity: Medium (Score: 51.9)

Sources: Bitget, En.Bloomingbit, Panewslab, Theblock.Co, Mexc.Co

Summary

A vulnerability in the Hyperbridge gateway contract allowed hackers to mint 1 billion unauthorized DOT tokens on Ethereum. The exploit, identified by CertiK, involved the attacker forging messages to gain administrative control of the bridged DOT token contract. Following the minting, the attacker liquidated the tokens, earning approximately $237,000. The incident did not affect the native Polkadot ecosystem, but it caused a price drop in both bridged and native DOT tokens. Polkadot confirmed that the issue only impacted DOT bridged to Ethereum and that Hyperbridge has been suspended for investigation. The exploit highlights ongoing security challenges in cross-chain token handling. The liquidity of the bridged DOT was limited, which helped contain the market impact. Investigations into the exact attack vector are ongoing, with no formal statements from Polkadot or Hyperbridge yet. Key Points: • Hackers exploited a vulnerability in Hyperbridge to mint 1 billion unauthorized DOT tokens. • The attack resulted in a profit of approximately $237,000 from the liquidation of the tokens. • Polkadot confirmed that the exploit only affected DOT on Ethereum, with no impact on the native chain.

Key Entities

  • Bithumb (company)
  • Hyperbridge (company)
  • Polkadot (company)
  • Upbit (company)
  • Ethereum (company)
  • Financial (industry)
  • Hyperbridge Vulnerability (vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed