Key Takeaways
In a display of cross-chain bridge fragility, hackers exploited a vulnerability in the Hyperbridge gateway on April 13, 2026, minting approximately 1 billion fake DOT tokens on the Ethereum mainnet.
The attackers quickly dumped the newly created supply into shallow liquidity pools, extracting roughly $237,000 in profit before the market reacted.
+70
Shiba Inu
Bitcoin
PAX Gold
Ampleforth
Ethereum
Cardano
EOS
Solana
Avalanche
Dogecoin
Ripple
TRON
Bitcoin Cash
Ocean Protocol
Litecoin
Reserve Rights
Ontology
Bitcoin SV
Ethereum Classic
Kusama
Dash
Neo
Chainlink
Qtum
Polkadot
VeChain
Stellar
Tezos
Zcash
Zilliqa
Status
JUST
Cosmos
Ravencoin
Trust Wallet Token
ARPA Chain
Nervos Network
Storj
Beam
NKN
Algorand
Celer Network
THORChain
Fantom
Optimism
Aptos
APEcoin
Wrapped Bitcoin
Compound
Monero
Basic Attention Token
Arweave
Aergo
Decentraland
SushiSwap
Conflux Network
NEAR Protocol
Polkastarter
Ankr
Maker
Artificial Superintelligence Alliance
Mask Network
Cronos
Internet Computer
Badger DAO
USD Coin
BakeryToken
Alpaca Finance
Aave
Treasure
BitTorrent
FLUX
Bancor
IoTex
Build'N'Build
+76
Bitcoin
Ethereum
Tether
USD Coin
Solana
Ripple
Dogecoin
Cardano
Toncoin
Shiba Inu
Avalanche
TRON
Chainlink
Polygon Matic
Polkadot
Wrapped Bitcoin
Litecoin
Dai
NEAR Protocol
Bitcoin Cash
Stellar
Cosmos
Filecoin
Ethereum Classic
Aptos
Hedera Hashgraph
Immutable
Optimism
Arbitrum
VeChain
The Sandbox
Decentraland
Axie Infinity
Injective Protocol
Render
The Graph
Aave
Chiliz
Helium
PAX Gold
Compound
Lido DAO Token
Sui
Conflux Network
Lido Staked ETH
OKB
Uniswap
Pepe
Ondo
Mantle
First Digital USD
XDC Network
Artificial Superintelligence Alliance
Jupiter
Quant
Worldcoin
Bonk
Tether Gold
JITO
JasmyCoin
Core
Floki Inu
Ethereum Name Service
SushiSwap
1inch Network
Tezos
Algorand
Flow
Trust Wallet Token
Curve DAO Token
MultiversX
Basic Attention Token
Enjin Coin
Ethena
Ethena Staked USDe
Build'N'Build
Kava.io
Celestia
Sei
IOTA
Frax
+217
Bitcoin
Ethereum
Tether
Build'N'Build
USD Coin
Solana
Ripple
Dogecoin
Cardano
Toncoin
Shiba Inu
Avalanche
TRON
Chainlink
Polkadot
Polygon Matic
Wrapped Bitcoin
Litecoin
Dai
NEAR Protocol
Bitcoin Cash
Monero
Stellar
Cosmos
Filecoin
Ethereum Classic
Aptos
Hedera Hashgraph
Immutable
Optimism
Arbitrum
VeChain
The Sandbox
Decentraland
Axie Infinity
Injective Protocol
Render Token
The Graph
Maker
Aave
Chiliz
Helium
PAX Gold
Compound
Lido DAO Token
THORChain
Stacks
Arweave
Sui
Conflux Network
Lido Staked ETH
Bitget Token
Wrapped Ethereum
OKB
Uniswap
Pepe
Ondo
Mantle
First Digital USD
Bittensor
Kaspa
Celestia
XDC Network
Artificial Superintelligence Alliance
Jupiter
Quant
Worldcoin
PayPal USD
Bonk
Flare
Tether Gold
Sei
JITO
JasmyCoin
PancakeSwap
Core
Floki Inu
Ethereum Name Service
SushiSwap
Kava.io
1inch Network
Tezos
Algorand
Flow
Trust Wallet Token
Curve DAO Token
KuCoin Token
MultiversX
Gitcoin
Zcash
IOTA
Basic Attention Token
Frax
Ethena
Ethena USDe
Fasttoken
Pi Network
SATS
Adventure Gold
Audius
Alchemy Pay
Arkham
API3
Bounce Token
Altlayer
Aergo
Amp
Aevo
ARPA Chain
Astar
Ark
Ankr
AirSwap
Alpaca Finance
Blur
Badger DAO
Bancor
BakeryToken
Biconomy
Chromia
Celer Network
Celo
Shentu
Civic
Convex Finance
Cartesi
Cyber
COTI
DigiByte
DIA
ether.fi
FUNToken
FLUX
Firo
Ampleforth
Golem
GMX
Gnosis
Moonbeam
Holo
IoTex
ICON
Illuvium
JUST
Kadena
Liquity
Livepeer
Lisk
Memecoin
Manta Network
Treasure
Mask Network
MetisDAO
Origin Protocol
ORDI
Ontology
Osmosis
Powerledger
Phala Network
Pendle
Portal
Pyth Network
ConstitutionDAO
Polkastarter
Qtum
iExec RLC
Rocket Pool
Reserve Rights
Ronin
Ravencoin
Starknet
Storj
Status
Spell Token
Sun (New)
SuperVerse
Toko Token
Theta Fuel
Tellor
Tensor
LayerZero
Usual
Eigenlayer
Hamster Kombat
Catizen
Berachain
KAITO
Pudgy Penguins
Solayer
Bio Protocol
ChainGPT
Cookie DAO
Solv Protocol
Alchemix
Bitcoin SV
Movement
DeXe
Binance Staked SOL
Nexo
Wrapped eETH
Hyperliquid
Casper
Zilliqa
Secret
Nervos Network
TrueUSD
BitTorrent
Mina
Dash
STEPN
Gemini Dollar
UNUS SED LEO
Synthetix
APEcoin
Gala
Theta Network
Fantom
Cronos
Internet Computer
Binance USD
Security firms confirmed the incident, describing it as a targeted manipulation of a Polkadot-linked token contract on Ethereum.
The exploit unfolded rapidly as hackers first forged cross-chain messages via the Hyperbridge gateway, a bridge that connects Polkadot’s ecosystem to Ethereum and other chains.
This allowed them to seize administrative control over the DOT ERC-20 token contract deployed on Ethereum.
Once in control, they minted the massive 1 billion token supply out of thin air.

Within minutes, the attackers offloaded the tokens into available DEX liquidity pools, primarily on Ethereum, triggering an immediate price collapse due to extreme slippage and thin order books.
On-chain charts captured the frenzy: a brief vertical spike in the fake DOT token’s price and volume followed by a near-total wipeout, highlighting how low liquidity amplified the dump’s efficiency for the attackers but limited broader extraction.
Native Polkadot’s DOT token on its relay chain remained untouched.
The incident targeted only the Ethereum-side representation of DOT via the Hyperbridge infrastructure—not the core Polkadot blockchain or its native supply.
Still, the event sent ripples through the market.
South Korean exchanges Upbit and Bithumb swiftly suspended DOT deposits and withdrawals as a precautionary measure, citing potential risks arising from confusion over the fake token.
While the real DOT price experienced only mild volatility amid the broader crypto sentiment, the exploit underscored persistent fears around bridged assets and cross-chain security.
Traders and holders expressed concerns on social platforms about reputational damage to Polkadot’s interoperability narrative, though the limited financial bleed prevented a full-scale panic sell-off.
The root cause lies in a flaw in Hyperbridge’s gateway contract, the component responsible for verifying and relaying messages between Polkadot and Ethereum.
Hyperbridge, positioned as Polkadot’s native bridge for secure asset transfers, relies on cryptographic proofs and message passing to maintain trustlessness.
However, this specific gateway implementation contained a critical weakness that permitted message forgery.
Attackers crafted and submitted malicious cross-chain messages that bypassed normal validation checks.
By impersonating legitimate Polkadot-originating instructions, they manipulated the admin privileges of the DOT token contract on Ethereum.
This granted them unrestricted minting rights, a classic “infinite mint” vector common in poorly guarded bridge contracts.
Once admin access was secured, the exploiters invoked the contract’s mint function repeatedly, generating the 1 billion tokens in a single coordinated burst.
The entire sequence from message forgery to minting and dumping occurred in minutes, exploiting the speed of Ethereum’s execution environment before any automated alerts or manual intervention could halt it.
Experts note that this mirrors past bridge exploits in which verification logic fails under crafted inputs, allowing unauthorized control over downstream token contracts.
Hyperbridge’s design emphasizes Polkadot’s shared security model, but the gateway’s Ethereum-side integration apparently introduced an exploitable surface.
No core Polkadot consensus or relay chain was compromised, isolating the damage to the bridged Ethereum representation.
The massive supply was dumped into extremely shallow liquidity pools for the Ethereum-based DOT token, resulting in immediate, severe slippage.
What began as a theoretical multi-million-dollar mint quickly evaporated in value as the price cratered under selling pressure.
Liquidity providers and any unsuspecting buyers absorbed the bulk of the immediate losses, though the thin pools meant total extracted value stayed modest.
The broader Polkadot ecosystem suffered no direct token inflation or reserve drain on its native chain.
Real DOT holders saw no dilution of supply, and the Polkadot relay chain’s security model held firm.
However, indirect costs emerged:
This incident serves as a stark reminder of ongoing risks in cross-chain infrastructure, even for bridges touted as secure.
While the dollar figure appears small relative to billion-dollar DeFi exploits of the past, the speed and simplicity of the attack highlight why message verification and admin controls remain high-priority audit targets.
Polkadot and Hyperbridge teams have yet to issue patches and enhanced monitoring.
Prashant Jha is a seasoned crypto journalist based in Delhi, India, with a Bachelor’s Degree in Computer Science Engineering. Passionate about the evolving world of blockchain and cryptocurrencies, he has been a dedicated voice in the industry since 2018. Prashant’s expertise lies in regulatory reporting, where he unravels complex legal and financial developments with clarity and precision. Before joining CCN in 2024, he honed his craft at Cointelegraph, establishing himself as a trusted name in crypto journalism.
His coverage spans major industry events, including the high-profile collapses of FTX, Three Arrows Capital (3AC), and LUNA, offering readers insightful analyses of their regulatory and market implications. Prashant’s technical background enables him to bridge the gap between intricate blockchain technology and its real-world applications, making his work accessible to novices and experts.
Beyond his professional pursuits, Prashant is an avid music enthusiast, often exploring diverse genres to unwind. A sports lover, he has a particular passion for cricket and frequently engages in discussions about the game. His multifaceted interests and sharp journalistic instincts make him a valuable contributor to CCN, where he continues shaping the crypto landscape's narrative.
You’re All Set!
Thanks for signing up. We’ll be in touch soon with the latest insights.
