Hyperbridge has raised its loss estimate from roughly $237,000 to about $2.5 million following an April 13 Token Gateway exploit on the Polkadot-native protocol.
Today’s updated figure reflects losses across incentive pools on Ethereum, Base, BNB Chain, and Arbitrum that were not included in the initial calculation, the team said in a post-incident update.
Early reporting had centered on a relatively limited impact tied to the dumping of newly minted bridged DOT. However, the revised assessment captures a broader, multi-chain footprint.
The attack unfolded in two stages, Hyperbridge’s team noted.
An initial extraction of roughly 245 ETH was followed about an hour later by a forged cross-chain message that bypassed Merkle Mountain Range proof verification.
Through this loophole, the attacker was able to mint approximately 1 billion bridged DOT tokens and sell them into available liquidity.
The exploit was contained to Hyperbridge’s Token Gateway and associated bridged token contracts on the affected EVM networks. Native DOT on Polkadot and assets bridged through other providers were not impacted, according to the update.
Bridging through Token Gateway is still paused, with services set to resume only after a patch is deployed, independently audited, and made public.
Hyperbridge said a significant portion of the exploited funds has been traced onchain and routed to Binance. The team is working with the exchange’s compliance unit and law enforcement agencies, while withholding operational details during the investigation.
However, recovery timelines are expected to stretch out. The team said meaningful asset recovery in incidents of this type can take months and, in some cases, up to a year.
If recovery efforts fall short, Hyperbridge said it will allocate its native BRIDGE token to cover remaining user losses, with a structured distribution planned one year from the date of the exploit.
The incident has also prompted a broader review of the protocol’s security model.
Engineers are finalizing a patch targeting the verification logic that enabled the exploit, with the fix designed to address the wider class of vulnerability rather than a single failure point.
The team maintained that proof-based bridge design remains the most secure approach despite the breach, pointing to more than $2.8 billion lost across the industry in the past two years, largely tied to compromised signers and multisig systems.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2026 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
