The breach at Hyperbridge that led to the minting of one billion wrapped Polkadot (DOT) tokens was far more damaging than initially disclosed, according to Hyperbridge’s team. The original loss estimate stood at $237,000 in token value; however, further analysis revealed losses amounting to roughly $2.5 million—a tenfold increase from initial figures.
In a detailed postmortem issued on Thursday, the team explained that an attacker took advantage of a flaw within the Merkle Mountain Range (MMR) proof verification system. This exploit allowed for the unauthorized minting of assets and the draining of escrowed assets through Token Gateway. The attack involved extracting approximately 245 ETH from a connected Token Gateway contract.
Subsequently, the hacker managed to send a forged cross-chain message that bypassed MMR proof checks, enabling them to mint and then sell off one billion bridged DOT tokens into illiquid markets.
The initial public assessment of the loss was based on the immediate sale of these bridged DOT tokens on Ethereum, which amounted to $237,000. This figure failed to account for the full extent of the breach: before the unauthorized DOT minting, a smart contract had already been exploited for 245 ETH, or roughly $561,000.
Contrary to the team’s initial report, the exploit was not limited to wrapped DOT on Ethereum: three other blockchains (Base, Arbitrum, and BNB Chain) were also affected. After a comprehensive analysis of the attacker’s activity across all four impacted chains, including losses from incentive pools associated with the breach, the total loss was revised to an estimated $2.5 million in ETH and DOT at the values of the time.
The stolen funds were traced to a deposit address on Binance, prompting collaboration with its compliance team and law enforcement agencies to attempt asset recovery. However, the Hyperbridge team anticipates that resolving the case could take months to over a year.
The protocol aims to make affected users whole and has committed to using BRIDGE tokens to cover any residual loss if recovery efforts fall short. Despite this commitment, BRIDGE’s trading volume remains low, with recent trades recorded at $1,800 over 24 hours compared to just $0.006 on March 29, according to CoinGecko data. The token’s market cap stood at approximately $858,000, covering only a fraction of the total losses incurred.
Operations for bridging across all four impacted blockchains have been suspended pending deployment and auditing of necessary patches. Hyperbridge emphasized that secure cross-chain interoperability relies on robust cryptographic proofs. This incident highlighted the necessity for more frequent audits and rigorous adversarial testing at every layer, setting a new operational standard for Token Gateway moving forward.