Security researchers are examining a recent polkadot hack that saw attackers mint a massive trove of tokens on Ethereum before quickly cashing out.
Summary
Hackers mint 1 billion DOT on Ethereum
Hackers illicitly minted 1 billion DOT tokens on the Ethereum mainnet and then sold them, according to on-chain data shared on April 2026. However, the operation generated only about $237k in profit because liquidity for the affected asset was limited.
According to Certik, the incident stemmed from a Hyperbridge gateway vulnerability that let the attackers forge cross-chain messages. Moreover, this flaw allowed them to tamper with the administrator settings of a Polkadot-linked token contract deployed on Ethereum, granting unauthorized minting rights.
How the vulnerability was exploited
Investigators say the exploited Hyperbridge component effectively bypassed expected validation checks. That said, the attackers still faced constraints from the shallow liquidity available for the specific DOT representation on decentralized exchanges, which capped overall realized gains.
The polkadot hack therefore caused far less financial damage than the eye-catching mint figure suggests. However, it highlights how cross-chain infrastructure, including token bridges and gateways, remains a key attack surface for sophisticated exploiters targeting multi-chain ecosystems.
Exchange response and containment
In response to the exploit, major South Korean trading platforms Upbit and Bithumb moved to mitigate potential contagion. Moreover, both exchanges temporarily suspended DOT deposits and withdrawals while assessing any on-platform exposure and reviewing their risk controls.
Due to the low liquidity around the compromised asset, overall user losses were relatively small compared with other cross-chain incidents. However, the swift Upbit and Bithumb measures underscore how centralized exchanges can still act as important circuit breakers in emerging crypto security crises.
Ongoing investigation and security lessons
Security teams are now collaborating with bridge developers to review the full exploit path and identify similar weak points across other deployments. Moreover, the ethereum mainnet exploit shows that rigorous audits of cross-chain messaging, admin privileges, and token minting logic remain essential for protocols handling large token supplies.
Overall, the episode serves as a reminder that even when direct financial losses are limited, cross-chain vulnerabilities can erode confidence in token bridge infrastructure and the broader multi-chain strategy.
