Polkadot-based cross-chain solution Hyperbridge suffered a major exploit that allowed attackers to mint up to one billion DOT tokens without authorization and quickly dump them on Ethereum, as flagged by blockchain security firm CertiK.
We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd
The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.
Stay… pic.twitter.com/3t2n4uq5hy
— CertiK Alert (@CertiKAlert) April 13, 2026
On-chain analysis indicates the breach occurred on April 13 when attacker controlled wallets gained governance access to the bridge contract. They then minted 1 billion DOT on Ethereum and sold the full amount within approximately an hour, causing prices to collapse from around $1.22 to near zero in impacted pools.
The native Polkadot blockchain was not directly affected.
DOT fell from $1.23 to $1.17 as the reports broke, per CoinGecko.
Hyperbridge is a Polkadot interoperability coprocessor designed to enable secure cross-chain communication using cryptographic state and consensus proofs beyond shared-security parachains.
This is a developing story. We will provide updates as more information becomes available.
