Polkadot-based cross-chain solution Hyperbridge suffered a major exploit that allowed attackers to mint up to one billion DOT tokens without authorization and quickly dump them on Ethereum, as flagged by blockchain security firm CertiK.
#CertiKInsight 🚨
We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd
The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.
Stay… pic.twitter.com/3t2n4uq5hy
— CertiK Alert (@CertiKAlert) April 13, 2026
On-chain analysis indicates the breach occurred on April 13 when attacker controlled wallets gained governance access to the bridge contract. They then minted 1 billion DOT on Ethereum and sold the full amount within approximately an hour, causing prices to collapse from around $1.22 to near zero in impacted pools.
The native Polkadot blockchain was not directly affected.
DOT fell from $1.23 to $1.17 as the reports broke, per CoinGecko.
Hyperbridge is a Polkadot interoperability coprocessor designed to enable secure cross-chain communication using cryptographic state and consensus proofs beyond shared-security parachains.
This is a developing story. We will provide updates as more information becomes available.
