Summary:

A hacker exploited Hyperbridge to mint 1 billion bridged DOT tokens on Ethereum.
The attacker converted part of the tokens into 108.2 ETH (~$237,000).
Polkadot confirmed native DOT and its ecosystem were not affected.
The bridge has been paused while the team investigates and prepares a fix.
The incident reignites concerns around cross-chain bridge security.
Forged Message Exploit Leads to Massive Token Mint

A fresh exploit involving Hyperbridge has once again put cross-chain infrastructure under scrutiny. The attacker managed to mint an astonishing 1 billion bridged Polkadot (DOT) tokens on Ethereum in a single transaction, before cashing out a portion for roughly $237,000. According to blockchain data shared by CertiK, the exploit was carried out by manipulating the protocol's verification process. The attacker was able to inject a forged message that altered administrative control of the Polkadot token contract on Ethereum. With that access, minting a massive amount of tokens became possible. CertiK described the incident clearly:

"We have seen an exploit on the @hyperbridge gateway contract. skylens.certik.com/tx/eth/0x240ae... The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens. Stay Vigilant!" Source

Despite the scale of the mint, the actual profit remained relatively limited. The attacker was constrained by liquidity in the bridged DOT market, meaning only a fraction of the minted tokens could be sold without crashing the price. In total, the exploiter walked away with 108.2 Ether. This kind of attack highlights a key reality in DeFi. Even when exploits are technically large, real-world gains often depend on how much liquidity is available to exit positions. In this case, the system's own limits capped the damage.

Polkadot Confirms Core Network Remains Safe

Shortly after the exploit surfaced, Polkadot addressed concerns and clarified the scope of the issue. The team emphasized that the vulnerability was isolated to bridged tokens on Ethereum and did not impact the core network or its native assets. In its statement, Polkadot said:

"We're aware of an issue affecting @hyperbridge's Ethereum gateway contract. The exploit only affects DOT on Ethereum that is bridged through Hyperbridge and does not affect DOT in the Polkadot ecosystem, or DOT bridged through other bridges." Source

However, Bridged tokens are essentially representations of assets that exist on another chain. They rely on smart contracts and verification systems to maintain a 1:1 relationship with the original asset. When that system breaks, the problem stays within the bridge rather than spreading to the base layer. Following the incident, Hyperbridge paused operations to prevent further damage. Early insights from contributors suggest the attacker constructed a malicious proof that tricked the protocol's Merkle tree verification system - a mechanism used to confirm data authenticity across chains. A contributor described the situation in simple terms, noting that the attacker managed to fool the verification logic into accepting false data as valid. While technical in nature, If a bridge trusts incorrect information, it can create assets that shouldn't exist.

The native DOT token did see a brief dip in price after the news broke, falling to around $1.16 before stabilizing above $1.19. The recovery suggests that markets viewed the issue as contained.

Bridge Security Back in Focus

This exploit adds to a growing list of incidents that continue to challenge confidence in cross-chain bridges. While these systems are essential for moving assets between blockchains, they also introduce additional layers of complexity - and with that, new attack surfaces. Hyperbridge had positioned itself as a more secure solution, promoting a design based on cryptographic proofs rather than centralized validators. The idea was to offer stronger guarantees by verifying transactions using mathematical proofs. However, this incident shows that even proof-based systems are not immune. If the verification process itself can be manipulated, the security model breaks down.

Bridges remain one of the most targeted components in crypto. They hold large amounts of value and often operate with complex logic that can be difficult to fully audit. Even small flaws can lead to significant consequences. For users, the takeaway is not necessarily to avoid bridges altogether, but to understand the risks involved. Not all bridges are built the same, and even well-designed systems can face unexpected challenges. For developers, the pressure is increasing to improve verification methods, conduct deeper audits, and design systems that fail safely when something goes wrong.