The crypto market has faced another major attack on DeFi infrastructure. This time, the target was the Ethereum bridge of the Verus Protocol project. According to security experts, the attacker withdrew assets worth more than $11.5 million through a fake cross-chain message.
The incident once again hit the cross-chain bridge sector, which remains one of the most vulnerable parts of the crypto industry. In recent years, bridges have been the source of the largest hacks in the market.
Hacker Withdraws ETH, USDC, and tBTC
Blockaid analysts were the first to notice suspicious activity. The company reported that its system detected an attack on the bridge between Verus and Ethereum, after which large transfers to an external address appeared on the network.
According to transaction data, the attacker withdrew about 1,625 ETH, nearly 148,000 USDC, and more than 103 tBTC v2. The total amount exceeded $11.5 million.
Later, PeckShield specialists confirmed the attack. According to them, the stolen assets were quickly converted into Ethereum. Currently, the alleged attacker’s wallet holds about 5,402 ETH. At the time of publication, the Verus team had not officially confirmed the hack.
Fake Cross-Chain Operation Was the Cause
According to preliminary findings by analysts, the problem was not related to key compromise or cryptography hacking, but to an error in data verification within the bridge.
Blockaid stated that the attacker managed to forge a cross-chain message, making the protocol believe the transfer was legitimate. After that, the bridge automatically sent funds from its reserves to the attacker’s address.
Researchers specifically emphasized that this was not a hack of ECDSA signatures, validator compromise, or a hashing error. The main problem was the lack of thorough verification of the amount and parameters of the imported operation.
According to analysts, fixing the vulnerability requires changing just a few lines of Solidity code. However, even a small error in the bridge logic led to multimillion-dollar losses.
Attack Recalls the Biggest Hacks of Recent Years
Experts have already compared the incident to Nomad Bridge and Wormhole—two of the most well-known bridge attacks in crypto market history.
In the case of Nomad in 2022, an error in the verification mechanism allowed users to copy malicious transactions and massively withdraw funds from the protocol. Losses then exceeded $190 million.
Wormhole lost about $325 million after a forged confirmation of a cross-chain operation between Solana and Ethereum.
The Verus scheme looks similar. In all cases, the attacker essentially convinced the bridge that the operation had passed proper verification, even though real confirmations were missing.
Cross-Chain Bridges Remain the Weakest Part of DeFi
Despite advances in audits and security infrastructure, bridges between blockchains continue to be the main target for hackers. The reason is simple: such protocols simultaneously work with multiple networks, validators, message formats, and confirmation systems. Each additional layer of logic increases the likelihood of an error.
According to industry analysts, in just the first quarter of 2026, hackers stole more than $168 million from DeFi protocols. April was an especially tough month for the market after attacks on Drift Protocol and Kelp.
Against this backdrop, the new Verus hack only heightens concerns about the security of cross-chain solutions.
DeFi Fears New Attacks Through Old Vulnerabilities
After a series of attacks, the market is increasingly discussing the problem of accumulating hidden vulnerabilities within bridges. Many projects undergo audits, but the complexity of cross-chain infrastructure makes it almost impossible to find all errors in advance.
ExVul specialists stated that the Verus exploit once again shows the need for strict binding of all downstream operations to verified data within the cross-chain message.
Otherwise, attackers gain the ability to substitute import parameters and initiate unauthorized withdrawals.
Experts also recommend implementing automatic suspension of asset withdrawals when abnormal imported operations are detected. Currently, such protection is not implemented in most bridges.
Pressure on DeFi Continues to Grow
A series of attacks is gradually changing the market’s attitude toward decentralized infrastructure. Institutional players are increasingly demanding stricter security standards, especially for bridges, stablecoins, and liquidity storage protocols.
Against this backdrop, some capital is starting to shift toward solutions with limited access architecture or permissioned models, where control over infrastructure is higher.
For DeFi, this is becoming a serious challenge. The sector is trying to preserve the principles of decentralization while simultaneously facing a constant increase in attack complexity.
What Comes Next?
The Verus incident once again showed that even a small error in the logic of a cross-chain bridge can lead to the loss of tens of millions of dollars. Moreover, the problem arose not from cryptography hacking, but from insufficient data verification within the protocol.
For the market, this is another signal that infrastructure risks in DeFi remain extremely high. Especially in the bridge segment, where security still lags far behind the volume of funds passing through them.
Read more: Crypto Lobby Increases Pressure on Georgia Primaries
