Hyperbridge flaw allowed fake DOT minting, exposing weak cross-chain validation and triggering sharp market disruption.
Concerns over cross-chain security have emerged after a major exploit hit the Hyperbridge protocol. Attackers managed to mint a massive supply of unauthorized bridged DOT tokens on Ethereum. Market participants are now reassessing risks tied to interoperability infrastructure.
A critical flaw in the Hyperbridge gateway contract enabled attackers to manipulate bridged assets in the Polkadot ecosystem. Onchain findings indicate that 1 billion illegitimate DOT tokens were created on Ethereum and rapidly sold.
According to blockchain security firm CertiK, the issue stemmed from weak validation in the protocol’s cross-chain message verification system. By crafting a malicious message, the attacker bypassed security checks and assumed control of the Ethereum-based token contract.
We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd
The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.
Stay… pic.twitter.com/3t2n4uq5hy
— CertiK Alert (@CertiKAlert) April 13, 2026
Further analysis revealed the vulnerability was tied to the Merkle Mountain Range logic. When only a single leaf was present, the verification process failed to properly link proof data to the transaction request. This gap enabled the reuse of old transaction data and the execution of the attack.
Blockchain analytics platform Onchain Lens reported that the price of bridged DOT on Ethereum collapsed from about $1.22 to fractions of a cent within minutes. The rapid sell-off reflected both the inflated supply and loss of trust in the affected asset.
Developers behind Polkadot clarified that the exploit did not impact native DOT on its main network. Only tokens bridged to Ethereum through Hyperbridge were affected. Other bridging routes and core network operations remain intact.
We’re aware of an issue affecting @hyperbridge's Ethereum gateway contract.
The exploit only affects DOT on Ethereum that is bridged through Hyperbridge and does not affect DOT in the Polkadot ecosystem, or DOT bridged through other bridges.
Polkadot, its parachains, and…
— Polkadot (@Polkadot) April 13, 2026
Following the incident, Polkadot clarified the problem involving Hyperbridge’s Ethereum gateway. The team stated that the issue is limited to DOT tokens bridged via Hyperbridge on Ethereum.
Assets on the main Polkadot network, as well as those moved through other bridges, remain safe. Polkadot also noted that its core network and parachains were not affected. Meanwhile, Hyperbridge operations have been temporarily halted as the investigation continues.
Major South Korean exchanges, including Upbit and Bithumb, suspended deposits and withdrawals of DOT. Both platforms cited security concerns following the incident.
The event comes shortly after scrutiny intensified in South Korea’s crypto market. Authorities recently opened an investigation into Bithumb over a large Bitcoin transfer error, raising broader concerns about operational and systemic risks.
The post $DOT Bridging Exploit: Hackers Mint 1 Billion Unauthorized Tokens appeared first on Live Bitcoin News.
