Hacker Mints $1.19 Billion in Polkadot on Ethereum Bridge

A vulnerability in Hyperbridge allowed an attacker to mint $1.19 billion in DOT tokens, though low liquidity limited the actual theft to $237,000 in ETH.

While the nominal value of the created assets exceeded $1.19 billion, the attacker’s actual profit was significantly lower—approximately $237,000 in Ethereum.

The breach does not affect the Polkadot mainnet or its native token. Instead, it targeted the “bridged” version of the asset, which is created and traded on Ethereum via specific smart contracts. This limited the direct impact on the broader market, yet it once again raises questions regarding the security of bridge infrastructure.

How the Attack Was Carried Out

According to information from CoinDesk, the vulnerability was linked to how Hyperbridge validates messages between different blockchains. The attacker successfully sent a forged message that the system accepted as legitimate.

This allowed the exploiter to gain administrative control over the bridge token contract. Once these rights were acquired, they minted a massive quantity of new tokens in a single transaction—a standard scenario in such exploits.

Following the minting, the tokens were transferred and swapped through decentralized platforms to be converted into ETH.

Limited Profit Due to Low Liquidity

Despite the massive scale of the attack, market liquidity restricted the potential profit. The trading pools for DOT on Ethereum were not deep enough to absorb such a high volume without a severe price collapse.

As a result, when attempting to sell the tokens, the attacker effectively crashed the price and received only a small fraction of their theoretical value. The total profit is estimated at approximately 108 ETH.

What This Means for the Crypto Market

The incident highlights a primary issue within DeFi—blockchain bridges. These protocols often hold broad permissions over tokens, making them vulnerable to code errors or security oversights.

Analysts warn that if a similar vulnerability were exploited on a more liquid asset or a larger market, the damages could be many times greater.

Summary

While this specific case resulted in relatively limited financial losses, it serves as a clear signal of the ongoing risks in cross-chain infrastructure. For investors, it remains a reminder that beyond volatility, technological vulnerabilities are a key factor when evaluating crypto assets.