Hyperbridge, a cross-chain messaging system used to move assets between networks, appears to have suffered a bridge-specific exploit that let an attacker mint 1 billion bridged DOT tokens on Ethereum. The incident affected the Ethereum-side representation of DOT, not native balances on Polkadot itself.

What happened

CoinDesk's reconstruction, backed by a linked CertiK Skylens trace, says the attacker forged an incoming cross-chain message against Hyperbridge's Ethereum-side gateway flow. That appears to have reassigned admin control over the bridged DOT ERC-20 contract, then used that control to mint a huge amount of counterfeit supply and dump it into Ethereum liquidity.

The key distinction is where the failure occurred. This does not appear to be a Polkadot consensus or token-issuance bug. It looks like a verification failure in the bridge path that accepted a malicious message on the destination chain.

Why it matters

The strange part is how little the attacker actually realized. Etherscan now labels the receiving wallet as "Bridged DOT Exploiter," and the address held about 112.98 ETH at publication, broadly consistent with reports that the swaps yielded only around 108 ETH, or roughly $237,000.

Thin liquidity on Ethereum-side DOT pools seems to have limited the damage. Even so, the exploit is a reminder that bridge validation bugs can create admin-level token failures on connected chains without touching the underlying source network. In this case, shallow liquidity saved Hyperbridge from a much uglier outcome.