Losses from the recent hack on Hyperbridge, a project operating within the Polkadot ecosystem, have surged to $2.5 million, a sharp increase from the initially reported $237,000 figure. According to an update from the Hyperbridge team, this revised total now includes losses from incentive pools based on Ethereum, Base, BNB Chain, and Arbitrum, all connected to the April Token Gateway vulnerability. At first, the breach was believed to have caused only minimal damage, merely affecting rapidly issued bridged DOT tokens.
How the attack unfolded
The Hyperbridge team revealed that the hack was executed in two stages. In the first phase, approximately 245 ETH were extracted from the system. The second phase involved the transmission of a fraudulent cross-chain message that bypassed Merkle Mountain Range proof verification. Taking advantage of this vulnerability, the attackers were able to mint nearly 1 billion new bridged DOT tokens and immediately sold them into available liquidity. Notably, the attack was limited to the Token Gateway and its related bridged token contracts, and did not impact native DOT tokens on Polkadot or assets transferred via other bridge providers.
Token bridging through the Gateway has been suspended indefinitely. Hyperbridge stated that services will only resume following a published fix and an independent security audit. Team members also reported that a significant portion of the stolen funds can still be traced on-chain, with transaction trails leading up to the Binance exchange. The project’s team is now coordinating efforts with both Binance and law enforcement agencies.
Recovery and compensation plans
Restitution efforts may require considerable time, and previous cases suggest asset recovery can take months or even up to a year. If those attempts prove unsuccessful, Hyperbridge plans to compensate affected users with their own BRIDGE token, but only after a year has elapsed since the attack.
The incident report highlighted that the loss stemming from the bridge vulnerability had a significant impact across multi-chain operations, noting that the scope of the problem went far beyond a single security lapse.
Security review and industry context
After the breach, Hyperbridge launched a comprehensive review of the protocol’s security architecture. Engineers are currently finalizing a patch to the verification logic aimed at closing this loophole. The forthcoming fix is designed not only to resolve the identified issue, but also to proactively eliminate similar vulnerabilities in the future.
Despite this major setback, Hyperbridge maintains that their evidence-based bridging approach remains among the safest solutions available. The team pointed to sector-wide data from the past two years, showing that more than $2.8 billion has been lost due to weaknesses in signer and multi-signature systems.
While services remain suspended, Hyperbridge has urged users and stakeholders to remain patient as investigations and recovery processes continue. The platform emphasizes its commitment to transparency and communication throughout the course of the incident.
Industry analysts note that this attack adds to a troubling pattern affecting cross-chain bridges—historically among the most vulnerable targets in decentralized finance due to their complex architecture.
Law enforcement efforts, bolstered by traceable blockchain records, are seen as a hopeful sign for potential asset recovery. The project’s engagement with centralized exchanges and regulators reflects a proactive stance to mitigate lasting damage.
For users, the long-term compensation plan involving BRIDGE tokens provides a measure of reassurance, though the efficacy of such solutions often depends on the project regaining trust and market stability over time.
Ultimately, the Hyperbridge breach serves as a high-profile reminder of the ongoing security challenges facing decentralized platforms as adoption and cross-chain innovation accelerate.
