The hack that earlier this week led to the creation of 1 billion wrapped Polkadot (DOT) tokens turned out to be much more serious than initially reported, according to the Hyperbridge team.
Initially, the damage was estimated at about $237,000, but it has now emerged that the real losses are closer to $2.5 million. That is more than 10 times the first estimates.
In a post-mortem published Thursday, the team explained that the attacker exploited a vulnerability in the MMR proof verification mechanism.
“The attacker used a bug in the Merkle Mountain Range (MMR) verification logic, which allowed them to issue assets and withdraw funds from escrow via the Token Gateway,” the developers said.
The team's first estimate of about $237,000 was based on how many DOT tokens were immediately dumped on the Ethereum network.
Later, it became clear that the picture was incomplete.
In addition to these $237,000, the attacker withdrew 245 ETH, or about $561,000, even before the main hack. The attack also affected several networks at once. Base, Arbitrum, and BNB Chain were impacted, although the team initially said the problem only affected wrapped-DOT on the Ethereum network.
After a full analysis, it became clear that the attack took place in two stages and affected several liquidity sources at once, including incentive pools.
“After reconciling the attacker’s activity across all four networks and accounting for all stages of the attack, the total damage amounted to about $2.5 million in ETH and DOT at the time of the hack,” the developers said.
The stolen funds were tracked. They were transferred to a Binance deposit address. The team has already contacted the exchange and law enforcement agencies to try to freeze the assets.
However, they do not expect a quick result.
The team said it will use all possible means to recover the funds. But they also admit that such cases are not resolved quickly.
“We will use all available channels, but in such situations, it usually takes months, sometimes up to a year, to recover funds,” the developers noted.
The main goal now is to compensate users for their losses. If the stolen funds cannot be returned, the team plans to cover the remainder by distributing BRIDGE tokens.
The problem is that the token itself is barely traded. Over the past 24 hours, the volume was only about $1,800, with a price of about $0.006 at the end of March.
At these values, its market capitalization is around $858,000. That is about a third of the total damage caused by the hack.
Bridge operations in the affected networks are currently completely halted. This concerns four blockchains. Operations will resume only after a patch is released and an audit is conducted.
At the same time, the team has not abandoned its position on cross-chain solutions.
“We still believe that secure operation between blockchains is only possible through cryptographic proofs,” the developers said.
But the incident itself revealed a weak spot.
“This hack clearly showed that verification logic needs to be checked much more often and more strictly at every level of the system. This is the standard Token Gateway will follow going forward,” they added.
Overall, the situation once again raises the issue of cross-chain solution security. Despite their popularity, bridges remain one of the most vulnerable parts of the entire crypto infrastructure.
Such attacks happen regularly, and almost every time the problem is not with the idea itself, but with the implementation. Even a small error in verification logic or contract interaction can lead to large-scale losses.
Meanwhile, interest in cross-chain technologies is not going away. On the contrary, as ecosystems grow, the need for fast and convenient transfers between networks only increases. This creates a constant conflict between convenience and security.
The Hyperbridge incident once again shows that one audit is not enough. Projects are forced to rethink their approach to testing and consider attack scenarios that were previously considered unlikely.
In the near future, the market will likely become even more demanding of such solutions. Users and investors are no longer willing to turn a blind eye to risks, especially when millions of dollars are at stake.
And while the industry seeks balance, bridges remain both a key part of Web3 and its weakest link.